scaled-font: Fix use after free when clearing the glyph cache

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
author: Chris Wilson <chris@chris-wilson.co.uk> 2013-01-09 00:36:13 +0000
committer: Chris Wilson <chris@chris-wilson.co.uk> 2013-01-09 00:36:13 +0000
commit: a942938e90a219a0b88153f9fa96c606ce644ef1 (patch)
tree: d63db2786ed98946486c9eb44c2d62520f523cdd
parent: c5b353c3725a1a8c116b790df4206f060d64eb5c (diff)
download: cairo-a942938e90a219a0b88153f9fa96c606ce644ef1.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/cairo-scaled-font.c b/src/cairo-scaled-font.c
index aab69371f..97460c2cb 100644
--- a/src/cairo-scaled-font.c
+++ b/src/cairo-scaled-font.c
@@ -464,8 +464,8 @@ _cairo_scaled_glyph_page_destroy (cairo_scaled_font_t *scaled_font,
 				  &page->glyphs[n].hash_entry);
 	_cairo_scaled_glyph_fini (scaled_font, &page->glyphs[n]);
     }
-    cairo_list_del (&page->link);
 
+    cairo_list_del (&page->link);
     free (page);
 }
 
@@ -827,11 +827,12 @@ _cairo_scaled_font_reset_cache (cairo_scaled_font_t *scaled_font)
 	    cairo_list_first_entry (&scaled_font->glyph_pages,
 				    cairo_scaled_glyph_page_t,
 				    link);
-	_cairo_scaled_glyph_page_destroy (scaled_font, page);
 
 	cairo_scaled_glyph_page_cache.size -= page->cache_entry.size;
 	_cairo_hash_table_remove (cairo_scaled_glyph_page_cache.hash_table,
 				  (cairo_hash_entry_t *) &page->cache_entry);
+
+	_cairo_scaled_glyph_page_destroy (scaled_font, page);
     }
     CAIRO_MUTEX_UNLOCK (_cairo_scaled_glyph_page_cache_mutex);
     CAIRO_MUTEX_UNLOCK (scaled_font->mutex);
author	Chris Wilson <chris@chris-wilson.co.uk>	2013-01-09 00:36:13 +0000
committer	Chris Wilson <chris@chris-wilson.co.uk>	2013-01-09 00:36:13 +0000
commit	a942938e90a219a0b88153f9fa96c606ce644ef1 (patch)
tree	d63db2786ed98946486c9eb44c2d62520f523cdd
parent	c5b353c3725a1a8c116b790df4206f060d64eb5c (diff)
download	cairo-a942938e90a219a0b88153f9fa96c606ce644ef1.tar.gz