xref: /OK3568_Linux_fs/yocto/poky/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1CVE: CVE-2018-19876
2Upstream-Status: Backport
3Signed-off-by: Ross Burton <ross.burton@intel.com>
4
5From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001
6From: Carlos Garcia Campos <cgarcia@igalia.com>
7Date: Mon, 19 Nov 2018 12:33:07 +0100
8Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in
9 cairo_ft_apply_variations
10
11Fixes a crash when using freetype >= 2.9
12---
13 src/cairo-ft-font.c | 4 ++++
14 1 file changed, 4 insertions(+)
15
16diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
17index 325dd61b4..981973f78 100644
18--- a/src/cairo-ft-font.c
19+++ b/src/cairo-ft-font.c
20@@ -2393,7 +2393,11 @@ skip:
21 done:
22         free (coords);
23         free (current_coords);
24+#if HAVE_FT_DONE_MM_VAR
25+        FT_Done_MM_Var (face->glyph->library, ft_mm_var);
26+#else
27         free (ft_mm_var);
28+#endif
29     }
30 }
31
32--
332.11.0
34
35