Use _cairo_malloc instead of malloc

_cairo_malloc(0) always returns NULL, but has not been used
consistently.  This patch replaces many calls to malloc() with
_cairo_malloc().

Fixes:  fdo# 101547
CVE: CVE-2017-9814 Heap buffer overflow at cairo-truetype-subset.c:1299
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>

1 files changed, 4 insertions, 4 deletions

diff --git a/src/cairo-xlib-render-compositor.c b/src/cairo-xlib-render-compositor.c
index 4b75109e0..0db59a8a6 100644
--- a/src/cairo-xlib-render-compositor.c
+++ b/src/cairo-xlib-render-compositor.c
@@ -989,7 +989,7 @@ _cairo_xlib_font_create (cairo_xlib_display_t *display,
     cairo_xlib_font_t *priv;
     int i;
 
-    priv = malloc (sizeof (cairo_xlib_font_t));
+    priv = _cairo_malloc (sizeof (cairo_xlib_font_t));
     if (unlikely (priv == NULL))
 	return NULL;
 
@@ -1089,7 +1089,7 @@ _cairo_xlib_glyph_attach (cairo_xlib_display_t	*display,
 {
     cairo_xlib_glyph_private_t *priv;
 
-    priv = malloc (sizeof (*priv));
+    priv = _cairo_malloc (sizeof (*priv));
     if (unlikely (priv == NULL))
 	return _cairo_error (CAIRO_STATUS_NO_MEMORY);
 
@@ -1290,7 +1290,7 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
 	    if (c == 0)
 		break;
 
-	    new = malloc (c);
+	    new = _cairo_malloc (c);
 	    if (!new) {
 		status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
 		goto BAIL;
@@ -1318,7 +1318,7 @@ _cairo_xlib_surface_add_glyph (cairo_xlib_display_t *display,
 	    if (c == 0)
 		break;
 
-	    new = malloc (4 * c);
+	    new = _cairo_malloc (4 * c);
 	    if (unlikely (new == NULL)) {
 		status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
 		goto BAIL;