Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-05
cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error.
| Products | Cairo |
| Type | Use After Free (CWE-416) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://bugs.webkit.org/show_bug.cgi?id=191595
• https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 |