libXfont2 - how to prevent memory leak?

Ulrich Sibiller ulrich.sibiller at gmail.com
Sat Oct 17 21:14:21 UTC 2020 

Hello,

I have some Xserver fork that uses a slightly adapted version of
dix/dixfonts.c:doListFontsAndAliases() for xorg-xserver.

Generally both the original and my version are working like this:
- init using FontFileStartListFonts(...,&private)
- loop until FontFileListNextFontOrAlias(...,private) returns BadFontName

The private data is malloc'ed by FontFileStartListFonts() and freed
only by FontFileListNextFontOrAlias() at some point. Only in that case
it will return BadFontName. In other words: If it returns BadFontName
that also means the private data has been freed.
FontFileListNextFontOrAlias() is the only place were the private data
is freed within libXfont2.

Now, the main difference in my case is that the loop is exited
prematurely if some condition is true. In that case the private data
will not have been freed. Valgrind find that and complains:

==15332== 2,500 (96 direct, 2,404 indirect) bytes in 6 blocks are
definitely lost in loss record 324 of 342
==15332==    at 0x4C2DB8F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15332==    by 0x5748B9E: FontFileStartListFonts (in
/usr/lib/x86_64-linux-gnu/libXfont.so.1.4.1)
==15332==    by 0x5748C4A: FontFileStartListFontsAndAliases (in
/usr/lib/x86_64-linux-gnu/libXfont.so.1.4.1)
==15332==    by 0x42859A: nxdoListFontsAndAliases (NXdixfonts.c:1163)
==15332==    by 0x42C0E0: nxOpenFont (NXdixfonts.c:1541)
==15332==    by 0x43392E: ProcOpenFont (NXdispatch.c:902)
==15332==    by 0x434585: Dispatch (NXdispatch.c:482)
==15332==    by 0x40EF77: main (main.c:355)

The private data format contains some more allocated data so just
calling free(private) is not freeing everything.

AFAICS there's no function call in libXfont that can be used for
freeing that private data. Internally libXfont uses a LFWIDataRec
structure for the private data but that structure is not public.

I can certainly clone the LFWIDataRec structure definition into my
code and free the data myself this way but this could break anytime if
libXfont changes the structure.

So I am looking for a better way to free that data without having to
run the loop to the end.

Shouldn't libXfont offer some additional FontFileEndListFonts() function?

Uli

PS:
- Source of FontFileListNextFontOrAlias
https://gitlab.freedesktop.org/xorg/lib/libxfont/-/blob/master/src/fontfile/fontfile.c#L1079
- Source of the code breaking the loop prematurely:
https://github.com/ArcticaProject/nx-libs/blob/3.6.x/nx-X11/programs/Xserver/hw/nxagent/NXdixfonts.c#L1204

More information about the xorg-devel mailing list