From: magras
Date: Thu, 28 Feb 2019 01:56:01 +0000 (+0300)
Subject: fix use after free in font caching algorithm
X-Git-Url: https://git.xinqibao.xyz/st.git/commitdiff_plain/a8cb8e94547d7e31441d2444e8a196415e3e4c1f?ds=inline;hp=a8cb8e94547d7e31441d2444e8a196415e3e4c1f

fix use after free in font caching algorithm

Current font caching algorithm contains a use after free error. A font
removed from `frc` might still be listed in `wx.specbuf`. It will lead
to a crash inside `XftDrawGlyphFontSpec()`.

Steps to reproduce:

    $ st -f 'Misc Tamsyn:scalable=false'
    $ curl https://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-demo.txt

Of course, result depends on fonts installed on a system and
fontconfig. In my case, I'm getting consistent segfaults with different
fonts.

I replaced a fixed array with a simple unbounded buffer with a constant
growth rate. Cache starts with a capacity of 0, gets incremented by 16,
and never shrinks. On my machine after `cat UTF-8-demo.txt` buffer
reaches a capacity of 192. During casual use capacity stays at 0.
---
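
The growth policy described in the message, as an added example that is not st's code and not part of this commit: a cache that starts at capacity 0, grows by 16 and never evicts, so font pointers already placed in a spec buffer stay valid until they are drawn. `Font`, `Slot`, `cache_lookup` and `specs_still_valid` are hypothetical names, and the runes are constructed sample input.

```c
#include <stdlib.h>

/* Hypothetical stand-ins, not st's types: a loaded font and a cache slot. */
typedef struct { long rune; } Font;
typedef struct { Font *font; long rune; } Slot;

static Slot *cache;               /* starts empty, grows by 16, never shrinks */
static int cache_len, cache_cap;

/* Return the cached font for rune, loading it on a miss. Nothing is ever
 * evicted, so a Font pointer handed out earlier in the same drawing pass
 * cannot be freed behind the caller's back. realloc may move the slot
 * array, but the Font objects are separate allocations and do not move. */
Font *cache_lookup(long rune)
{
    for (int i = 0; i < cache_len; i++)
        if (cache[i].rune == rune)
            return cache[i].font;
    if (cache_len >= cache_cap) {
        Slot *grown = realloc(cache, (size_t)(cache_cap + 16) * sizeof(Slot));
        if (!grown)
            return NULL;          /* old array is still intact on failure */
        cache = grown;
        cache_cap += 16;
    }
    Font *f = malloc(sizeof(Font));
    if (!f)
        return NULL;
    f->rune = rune;
    cache[cache_len++] = (Slot){ f, rune };
    return f;
}

int cache_capacity(void) { return cache_cap; }

/* Fill a spec buffer with n distinct (constructed) runes, then read every
 * spec back as a draw call would. Returns how many specs still point at
 * the font that was loaded for them. */
int specs_still_valid(int n)
{
    Font **specs = malloc((size_t)n * sizeof(*specs));
    int ok = 0;
    if (!specs)
        return 0;
    for (int i = 0; i < n; i++)
        specs[i] = cache_lookup(0x2500 + i);
    for (int i = 0; i < n; i++)
        ok += specs[i] && specs[i]->rune == 0x2500 + i;
    free(specs);
    return ok;
}
```

The trade-off is memory: the cache holds every fallback font it has loaded for the life of the process.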