color-device: Don't close lcms profile on error from cd_icc_load_handle
As implemented in colord 1.4.6, cd_icc_load_handle() has three possible results: 1. success, taking ownership of the profile; 2. failure because cmsGetProfileContextID returns NULL, *not* taking ownership of the profile; 3. failure in cd_icc_load(), taking ownership of the profile. The previous commit ensures that we are not in case 2. In case 3 where cd_icc_load() fails, ownership was already given to the colord CdIcc object, so it will be freed when the g_autoptr unrefs the CdIcc, and we must not free it again: that would be a double-free, potentially resulting in memory corruption. Resolves: https://gitlab.gnome.org/GNOME/mutter/-/issues/2659 Signed-off-by: Simon McVittie <smcv@debian.org> Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2877>
This commit is contained in:
parent
e2be2d271b
commit
ed12df1099
1 changed files with 3 additions and 5 deletions
|
@ -889,12 +889,10 @@ create_icc_profile_from_edid (MetaColorDevice *color_device,
|
|||
cmsSetHeaderRenderingIntent (lcms_profile, INTENT_PERCEPTUAL);
|
||||
cmsSetDeviceClass (lcms_profile, cmsSigDisplayClass);
|
||||
|
||||
if (!cd_icc_load_handle (cd_icc, lcms_profile,
|
||||
g_warn_if_fail (cmsGetProfileContextID (lcms_profile));
|
||||
if (!cd_icc_load_handle (cd_icc, g_steal_pointer (&lcms_profile),
|
||||
CD_ICC_LOAD_FLAGS_PRIMARIES, error))
|
||||
{
|
||||
cmsCloseProfile (lcms_profile);
|
||||
return NULL;
|
||||
}
|
||||
return NULL;
|
||||
|
||||
cd_icc_add_metadata (cd_icc, CD_PROFILE_PROPERTY_FILENAME, file_path);
|
||||
cd_icc_add_metadata (cd_icc,
|
||||
|
|
Loading…
Reference in a new issue