fix double free caused by coverity fix
This commit is contained in:
Zdenek Dohnal
parent
e0d336a9cc
commit
3d0ce41d4b
@ -0,0 +1,41 @@
|
||||
From 381636aa7287a5215baf57b852518cf1741a9878 Mon Sep 17 00:00:00 2001
|
||||
From: Till Kamppeter <till.kamppeter@gmail.com>
|
||||
Date: Sun, 19 Feb 2023 22:11:44 +0100
|
||||
Subject: [PATCH] Do not free cf_image_t data structure in _cfImageZoomDelete()
|
||||
|
||||
The library-internal _cfImageZoom...() API handles zooming of images
|
||||
with a data structure of type cf_izoom_t. This data structure contains
|
||||
a pointer to the original image, in cf_image_t format.
|
||||
|
||||
The _cfImageZoomNew() funtion gets a pointer to an existing cf_image_t
|
||||
structure as parameter, the image to work on. It stores the pointer in
|
||||
its cf_izoom_t structure. It never creates a cf_image_t image.
|
||||
|
||||
Because the _cfImageZoom...() API never creates a cf_image_t
|
||||
structure, it should also never free it. Therefore it is wrong that
|
||||
_cfImageZoomDelete() calls cfImageClose() which is the function to
|
||||
free a cf_image_t structure after use.
|
||||
|
||||
This was leading to double freeing, as the functions which create a
|
||||
cf_image_t structure always free it when done.
|
||||
|
||||
This caused https://github.com/OpenPrinting/cups-filters/issues/507
|
||||
---
|
||||
cupsfilters/image-zoom.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/cupsfilters/image-zoom.c b/cupsfilters/image-zoom.c
|
||||
index 04b28319..ca1b6823 100644
|
||||
--- a/cupsfilters/image-zoom.c
|
||||
+++ b/cupsfilters/image-zoom.c
|
||||
@@ -42,7 +42,6 @@ _cfImageZoomDelete(cf_izoom_t *z) // I - Zoom record to free
|
||||
free(z->rows[0]);
|
||||
free(z->rows[1]);
|
||||
free(z->in);
|
||||
- cfImageClose(z->img);
|
||||
free(z);
|
||||
}
|
||||
|
||||
--
|
||||
2.39.1
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
Name: libcupsfilters
|
||||
Version: 2.0b3
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: Library for developing printing filters
|
||||
# the CUPS exception text is the same as LLVM exception, so using that name with
|
||||
# agreement from legal team
|
||||
@ -16,6 +16,8 @@ Source0: %{URL}/archive/%{version}/%{name}-%{version}.tar.gz
|
||||
# Patches
|
||||
# https://github.com/OpenPrinting/libcupsfilters/pull/11
|
||||
Patch001: 0001-Coverity-fixes.patch
|
||||
# https://github.com/OpenPrinting/libcupsfilters/commit/381636a
|
||||
Patch002: 0001-Do-not-free-cf_image_t-data-structure-in-_cfImageZoo.patch
|
||||
|
||||
|
||||
# for generating configure and Makefile scripts in autogen.h
|
||||
@ -196,6 +198,9 @@ rm -f %{buildroot}%{_pkgdocdir}/{LICENSE,COPYING,NOTICE}
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Feb 20 2023 Zdenek Dohnal <zdohnal@redhat.com> - 2.0b3-3
|
||||
- fix double free caused by coverity fix
|
||||
|
||||
* Wed Feb 15 2023 Zdenek Dohnal <zdohnal@redhat.com> - 2.0b3-2
|
||||
- remove Obsoletes for now
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user