diff options
| author | Robin Watts <robin.watts@artifex.com> | 2017-05-08 14:45:45 +0100 |
|---|---|---|
| committer | Robin Watts <robin.watts@artifex.com> | 2017-05-09 19:47:07 +0100 |
| commit | 6fc5eae8e9bf4658658163fdefca9950f6320c65 (patch) | |
| tree | 9a6114523756cdd4f5646702a4b41626732a6a4e /include | |
| parent | 8baa9e7d6ec43792bc1545b840d28254e5f6caac (diff) | |
| download | mupdf-6fc5eae8e9bf4658658163fdefca9950f6320c65.tar.xz | |
Fix key_storable operations leading to leaks of fz_image.
key_storable objects can either be freed 'directly' by an API call
(such as fz_drop_image), or 'internally' by the store realising that
the sole thing holding onto a key_storable is a key.
The current code frees more structure in the direct call than it
does in the internal call. Clearly this is wrong and leads to
leaks.
The fix is to do ALL the freeing in the internal 'drop' function
within the key_storable.
This means we don't need (or want) either fz_drop_key_storable_key or
fz_drop_key_storable to return an int to tell us whether they were
actually dropped, so we make that change to simplify the code.
This shifts the responsibility for freeing the extra internal
structure into the innermost drop functions - fz_drop_image_imp and
fz_drop_image_gprf_imp. To avoid duplicating code, we put the
extra freeing logic into a fz_drop_image_base function.
Diffstat (limited to 'include')
| -rw-r--r-- | include/mupdf/fitz/image.h | 1 | ||||
| -rw-r--r-- | include/mupdf/fitz/store.h | 4 |
2 files changed, 3 insertions, 2 deletions
diff --git a/include/mupdf/fitz/image.h b/include/mupdf/fitz/image.h index 5d363332..8a8f5007 100644 --- a/include/mupdf/fitz/image.h +++ b/include/mupdf/fitz/image.h @@ -230,6 +230,7 @@ fz_image *fz_new_image_from_buffer(fz_context *ctx, fz_buffer *buffer); fz_image *fz_new_image_from_file(fz_context *ctx, const char *path); void fz_drop_image_imp(fz_context *ctx, fz_storable *image); +void fz_drop_image_base(fz_context *ctx, fz_image *image); fz_pixmap *fz_decomp_image_from_stream(fz_context *ctx, fz_stream *stm, fz_compressed_image *image, fz_irect *subarea, int indexed, int l2factor); fz_pixmap *fz_expand_indexed_pixmap(fz_context *ctx, const fz_pixmap *src, int alpha); size_t fz_image_size(fz_context *ctx, fz_image *im); diff --git a/include/mupdf/fitz/store.h b/include/mupdf/fitz/store.h index 81c7c1e2..6eab5064 100644 --- a/include/mupdf/fitz/store.h +++ b/include/mupdf/fitz/store.h @@ -55,10 +55,10 @@ void *fz_keep_storable(fz_context *, const fz_storable *); void fz_drop_storable(fz_context *, const fz_storable *); void *fz_keep_key_storable(fz_context *, const fz_key_storable *); -int fz_drop_key_storable(fz_context *, const fz_key_storable *); +void fz_drop_key_storable(fz_context *, const fz_key_storable *); void *fz_keep_key_storable_key(fz_context *, const fz_key_storable *); -int fz_drop_key_storable_key(fz_context *, const fz_key_storable *); +void fz_drop_key_storable_key(fz_context *, const fz_key_storable *); static inline int fz_key_storable_needs_reaping(fz_context *ctx, const fz_key_storable *ks) { |