From: Peter Michael Green <plugwash@raspbian.org>
Date: Wed, 1 Apr 2020 17:53:42 +0000 (+0100)
Subject: Disable call to SplineFontFree in _MergeFont
X-Git-Tag: archive/raspbian/1%20201107_dfsg-2+rpi1~2
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=af29d9066927814afde9e7b08d0f02339071815b;p=fontforge.git

Disable call to SplineFontFree in _MergeFont

works around use after  free bug (see debian bug 948876) at the cost of
probablly causing a memory leak.

Gbp-Pq: Name 4000-use-after-free-hack.patch
---

diff --git a/fontforge/fvfonts.c b/fontforge/fvfonts.c
index b54e40e..d276b86 100644
--- a/fontforge/fvfonts.c
+++ b/fontforge/fvfonts.c
@@ -1157,8 +1157,8 @@ static void _MergeFont(SplineFont *into,SplineFont *other,struct sfmergecontext
     free(mapping);
     GlyphHashFree(into);
     MergeFixupRefChars(into);
-    if ( other->fv==NULL )
-	SplineFontFree(other);
+//    if ( other->fv==NULL )
+//	SplineFontFree(other);
     into->changed = true;
     FontViewReformatAll(into);
     GlyphHashFree(into);