[v2,7/8] type1-subset: Fix incorrect null ptr check from find_token() (CID #1160662)

Submitted by Bryce Harrington on June 13, 2018, 12:35 a.m.

Details

Message ID 1528850138-30405-8-git-send-email-bryce@bryceharrington.org
State New
Headers show
Series "Coverity fixes" ( rev: 2 ) in Cairo

Not browsing as part of any series.

Commit Message

Bryce Harrington June 13, 2018, 12:35 a.m.
subrs was already tested for NULL prior to this, and will never be NULL
at this point.  Meanwhile, find_token()'s return is unchecked (it can
return NULL and is checked in all other calls).  Quite clearly, this is
a copy-paste error from the prior find_token call, and the intent was to
check array_start not subrs.

Coverity ID: #1160662

Signed-off-by: Bryce Harrington <bryce@bryceharrington.org>
---
 src/cairo-type1-subset.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/src/cairo-type1-subset.c b/src/cairo-type1-subset.c
index 89cb96f..5f07456 100644
--- a/src/cairo-type1-subset.c
+++ b/src/cairo-type1-subset.c
@@ -1331,7 +1331,7 @@  cairo_type1_font_subset_write_private_dict (cairo_type1_font_subset_t *font,
 
     /* look for "dup" which marks the beginning of the first subr */
     array_start = find_token (subr_count_end, font->cleartext_end, "dup");
-    if (subrs == NULL)
+    if (array_start == NULL)
 	return CAIRO_INT_STATUS_UNSUPPORTED;
 
     /* Read in the subroutines */