Commit f1d3b9f10a84d8c6e1a77e2bd00248c4c09cf9d3

Ben Wagner 2022-01-11T17:15:35

Revert "[bzip2] Avoid use of uninitialized memory."

This reverts commit d276bcb7f0c02c20d3585b2e5626702df6d140a6.

The original commit did avoid the use of uninitialized memory. However, it appears that the original commit is no longer required. The underlying issue was resolved by a change in freetype2-testing "Build bzip2 correctly." [0].

Prior to [0] bzip2 was built without msan, so bzip2 writes were not tracked or considered initialized. Clearing `buffer` in the original commit allowed msan to see the `buffer` content initialized once in FreeType code, but msan saw no writes into buffer from bzip2. With bzip2 now built with msan, the bzip2 writes are properly instrumented and msan sees the bzip2 writes into the buffer. As a result the original commit can be safely reverted to allow for better detection of other uninitialized data scenarios.

* src/bzip2/ftbzip2.c (FT_Stream_OpenBzip2): Revert to using `FT_QNEW`.

[0] https://github.com/freetype/freetype2-testing/commit/3c052a837a3c960709227a0d6ddd256e87b88853

diff --git a/src/bzip2/ftbzip2.c b/src/bzip2/ftbzip2.c
index b8d65d3..1d08f5e 100644
--- a/src/bzip2/ftbzip2.c
+++ b/src/bzip2/ftbzip2.c
@@ -481,9 +481,7 @@
     FT_ZERO( stream );
     stream->memory = memory;
 
-    /* Don't use `FT_QNEW` here to avoid problems with uninitialized */
-    /* memory later on if the font is malformed.                     */
-    if ( !FT_NEW( zip ) )
+    if ( !FT_QNEW( zip ) )
     {
       error = ft_bzip2_file_init( zip, stream, source );
       if ( error )