| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
On 64-bit windows, long is 32-bit. When compiling there are a large
number of warnings about mismatched sizes when casting long to/from a
pointer.
Use the (u)intptr_t type for any integer that will have a pointer stored
in it. Use a (u)intptr_t cast when integers are stored in pointers to
silence warnings.
Fixes #263
|
|
|
|
|
|
|
| |
Found via `codespell -i 3 -w -I ../cairo-word-whitelist.txt -L tim,ned,uint`
Follow up of 12cb59be7da
Reviewed-by: Bryce Harrington <bryce@bryceharrington.org>
|
|
|
|
|
|
|
|
|
|
| |
_cairo_malloc(0) always returns NULL, but has not been used
consistently. This patch replaces many calls to malloc() with
_cairo_malloc().
Fixes: fdo# 101547
CVE: CVE-2017-9814 Heap buffer overflow at cairo-truetype-subset.c:1299
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
|
|
|
|
|
|
| |
fixes the warning:
warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to close a race between locking the backend and resurrecting a
font via the cache, we need to keep the font face alive until after we
take the backend lock. Once we have that lock, we can drop our reference
and test if that was the last. Otherwise we must abort the destroy().
This fixes the double-free exposed by multithreaded applications trying
to create and destroy the same font concurrently.
Reported-by: Weeble <clockworksaint@gmail.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=69470
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
|
|
|
|
|
|
| |
The check for NULL and nil font faces is performed in the shared
code. There is no need to duplicate it (in fact, quartz-font and
ft-font don't do it).
|
|
|
|
|
|
| |
Since 03be41151d06d48d55bc1e172535829ec45a10cf, it is safe to use
cairo_font_face_reference () to increment the reference count of a
font taken from the hashtable, because no mutex is being locked twice.
|
|
|
|
|
|
| |
The assumption that no font face will hash to 0 is not correct.
Moreover, no special value is needed to mark fonts in error status, as
they can simply be detected upon lookup and destruction.
|
|
|
|
|
|
|
|
|
|
|
| |
I updated the Free Software Foundation address using the following script.
for i in $(git grep Temple | cut -d: -f1 )
do
sed -e 's/59 Temple Place[, -]* Suite 330, Boston, MA *02111-1307[, ]* USA/51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA/' -i "$i"
done
Fixes http://bugs.freedesktop.org/show_bug.cgi?id=21356
|
|
|
|
|
| |
A pending commit will want to include some utility code from cairo and
so we need to extricate the error handling from the PLT symbol hiding.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We refactor the surface fallbacks to convert full strokes and fills to the
intermediate polygon representation (as opposed to before where we
returned the trapezoidal representation). This allow greater flexibility
to choose how then to rasterize the polygon. Where possible we use the
local spans rasteriser for its increased performance, but still have the
option to use the tessellator instead (for example, with the current
Render protocol which does not yet have a polygon image).
In order to accommodate this, the spans interface is tweaked to accept
whole polygons instead of a path and the tessellator is tweaked for speed.
Performance Impact
==================
...
Still measuring, expecting some severe regressions.
...
|
|
|
|
|
|
|
|
|
| |
The lazy resolution of patterns was defeating the scaled_font cache as
ft-fonts that resolved to the same unscaled font were being given different
font-faces upon creation. We can keep the lazy resolution by simply asking
the ft backend to create a fully resolved ft-font-face when we need to
create a scaled-font. This font is then keyed by the resolved font-face
and so will match all future lazily resolved identical patterns.
|
|
|
|
|
|
|
|
|
| |
As noted by Carl during his LCA talk, caching of toy fonts was broken
because we create the scaled font using the implementation font face and
lose the reference to the containing font face that is cached by the toy
font face create routines. So the toy fonts were not being preserved for
the duration of the holdover scaled fonts and we recreated a new font
face, new scaled font and new glyph caches every time we needed a font.
|
|
|
|
|
|
|
|
|
|
| |
Paul Messmer provided a thorough analysis of a race between destroying the
final reference on a font and a concurrent recreation of the font -
demonstrating how it is possible for the create() to return the font that
was in the process of being freed.
To stop the race, we need to recheck the reference count upon taking the
mutex guarding the hash table.
|
|
|
|
|
|
| |
We failed to cleanup the font face correctly after an allocation failure
during _cairo_toy_font_face_init() leading to memleaks and live entries
being left in the font-face hash tables.
|
|
|
|
|
| |
Similar to the behaviour of the other objects, we return the default
conditions if the object is in any error (and not just a nil object).
|
|
|
|
|
| |
Though, the details are not documented yet. I'm not sure how much of it
I do want to document.
|
|
|