[Webkit-unassigned] [Bug 24592] [GTK] Crash in FcPatternHash
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Mar 15 00:42:19 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=24592
------- Comment #1 from xan.lopez at gmail.com 2009-03-15 00:42 PDT -------
Just had this again, and it's crashing when trying to access the first pattern
element in here:
FcChar32
FcPatternHash (const FcPattern *p)
{
int i;
FcChar32 h = 0;
FcPatternElt *pe = FcPatternElts(p);
for (i = 0; i < p->num; i++)
{
h = (((h << 1) | (h >> 31)) ^
pe[i].object ^ // <--- crash
FcValueListHash (FcPatternEltValues(&pe[i])));
}
so it seems we are passing an already deleted pattern to the function.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list