[osg-submissions] Fix for freetype plugin - would cause already freed memory write

Robert Osfield robert.osfield at gmail.com
Mon Feb 18 06:22:44 PST 2008


Thanks Thibault, I've reviewed, merged and submitted your fix.  Cheers, Robert.

On Feb 8, 2008 8:11 AM, Thibault Genessay <tibogens at gmail.com> wrote:
> Hi Robert,
>
> On Dec 16 you introduced a fix to remove internal use of ref_ptr<>'s.
> It contained a bug that would cause freed memory to be written again.
> Specifically, in FreeTypeLibrary::~FreeTypeLibrary(), calling
> font->setImplementation(0); deletes the content pointed to by the
> fontImplementation pointer, while the line that immediately follows
> tries to access it.
>
> My fix is to make the second instruction part of an else clause rather
> than always executed. This way, the fontImplementation->_facade = 0
> instruction is only executed when the font implementation is not set
> to 0 before (although I have no idea what it is here for and if this
> code path is ever followed, since I don't know the plugin's internals
> very well).
>
> Attached is the modified FreeTypeLibrary.cpp file.
>
> Regards
>
> Thibault
>
>
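
The teardown pattern discussed in this thread, as an added example that is not part of the original messages and is not the plugin's source. Only `setImplementation`, `_facade` and `fontImplementation` come from the post; the classes, the `freed` flag and the helper names are hypothetical, and "freeing" is modelled as a flag so the stale store can be counted safely.

```cpp
#include <vector>

// Hypothetical model, not OSG code: "freeing" only sets a flag, so the
// stale store can be counted instead of corrupting memory.
struct Font;
struct FontImpl { Font* _facade = nullptr; bool freed = false; };

static int g_staleWrites = 0;

// Stands in for `fontImplementation->_facade = 0`.
static void clearFacade(FontImpl* impl) {
    if (impl->freed) { ++g_staleWrites; return; }  // would be a use-after-free
    impl->_facade = nullptr;
}

struct Font {
    FontImpl* impl = nullptr;
    // Dropping the implementation releases it, as the post describes.
    void setImplementation(FontImpl* next) {
        if (impl) impl->freed = true;              // stands in for delete
        impl = next;
        if (impl) impl->_facade = this;
    }
};

// Teardown loop; `fixed` selects the else-clause form proposed in the post.
static void teardown(const std::vector<FontImpl*>& impls, bool fixed) {
    for (FontImpl* fontImplementation : impls) {
        Font* font = fontImplementation->_facade;
        if (fixed) {
            if (font) font->setImplementation(nullptr);
            else clearFacade(fontImplementation);
        } else {
            if (font) font->setImplementation(nullptr);
            clearFacade(fontImplementation);       // runs even after release
        }
    }
}

// Constructed scenario: one implementation attached to a font, one detached.
int staleWrites(bool fixed) {
    g_staleWrites = 0;
    FontImpl attached, detached;
    Font font;
    font.setImplementation(&attached);
    teardown({&attached, &detached}, fixed);
    return g_staleWrites;
}

int main() { return staleWrites(true); }
```

In real code the same defect is what AddressSanitizer reports as a heap-use-after-free on the store that follows the release.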

