[OpenJDK 2D-Dev] RFR: [9] JDK-8132985, Crash in freetypescaler.c due to double free
prasanta sadhukhan
prasanta.sadhukhan at oracle.com
Tue Sep 29 05:25:50 UTC 2015
Gentle reminder to approve and commit this change.
Regards
Prasanta
On 9/28/2015 10:49 AM, prasanta sadhukhan wrote:
> Hi Phil, Sergey,
>
> Could you please approve this fix?
> I have followed your comment regarding the test.
>
> Regards
> Prasanta
> On 9/25/2015 10:55 AM, prasanta sadhukhan wrote:
>> Hi All,
>>
>> Can this please be reviewed and approved?
>>
>> Regards
>> Prasanta
>> On 9/21/2015 2:57 PM, prasanta sadhukhan wrote:
>>> Hi All,
>>>
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8132985
>>> Webrev: http://cr.openjdk.java.net/~psadhukhan/8132985/webrev.00/
>>>
>>> Please review a bug fix whereby freeing a FT_StreamRec pointer leads
>>> to a crash.
>>> It was found that FT_Done_Face() frees the FT_StreamRec pointer if
>>> FT allocated memory for it internally.
>>> Since Java uses freetype, FT ends up allocating the FT_StreamRec
>>> structure in Java's TypeFont1. We call FT_Done_Face(FT_Face)
>>> and also free(face->stream), resulting in a double free that causes a crash.
>>> The solution is to maintain its own copy of the stream pointer so Java
>>> knows when it needs to free the stream pointer and when to
>>> leave it to FT.
>>>
>>> Regards
>>> Prasanta
>>
>
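
The ownership rule described in the quoted message, as an added example that is not part of the original thread or of the JDK fix: the caller frees only the stream pointer it recorded itself and leaves a library-allocated stream to the library's teardown call. All names here (Stream, Face, face_open, face_done, ScalerInfo) are hypothetical stand-ins for the library and the caller, not FreeType's or the JDK's API.

```c
#include <stdlib.h>

/* Library side: toy stand-ins (hypothetical names, not FreeType's real API). */
typedef struct { unsigned char *base; } Stream;
typedef struct { Stream *stream; int lib_owns_stream; } Face;
static int allocs, frees;   /* counters so the outcome can be checked */

static Stream *stream_alloc(void) {
    Stream *s = calloc(1, sizeof *s);
    if (s) allocs++;
    return s;
}
static void stream_free(Stream *s) { if (s) { frees++; free(s); } }

/* With caller_stream == NULL the library allocates the stream itself and
   releases it in face_done(), the behaviour the message reports for FT_Done_Face(). */
static Face *face_open(Stream *caller_stream) {
    Face *f = calloc(1, sizeof *f);
    if (!f) return NULL;
    f->lib_owns_stream = (caller_stream == NULL);
    f->stream = caller_stream ? caller_stream : stream_alloc();
    return f;
}
static void face_done(Face *f) {
    if (f && f->lib_owns_stream) stream_free(f->stream);
    free(f);
}

/* Caller side: keep a private record of the stream this code allocated. */
typedef struct { Face *face; Stream *own_stream; } ScalerInfo;

static int scaler_open(ScalerInfo *si, int supply_stream) {
    si->own_stream = supply_stream ? stream_alloc() : NULL;
    si->face = face_open(si->own_stream);
    return si->face != NULL;
}
/* Free only what this code allocated. Freeing si->face->stream here instead
   would release a library-owned stream a second time. Safe to call twice. */
static void scaler_close(ScalerInfo *si) {
    face_done(si->face);         si->face = NULL;
    stream_free(si->own_stream); si->own_stream = NULL;
}
/* Outstanding allocations after one open/close cycle (0 means balanced). */
static int run_cycle(int supply_stream) {
    ScalerInfo si = {0};
    allocs = frees = 0;
    if (!scaler_open(&si, supply_stream)) { scaler_close(&si); return -1; }
    scaler_close(&si);
    return allocs - frees;
}
int main(void) { return run_cycle(0) | run_cycle(1); }
```
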