From 432e00db2e99d4dbb6533df72855718797cd93b2 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Sun, 24 Apr 2016 08:14:07 +0200
Subject: [PATCH] [truetype] Fix deallocation in case of error (#47726).

* src/truetype/ttgload.c (load_truetype_glyph): Initialize fields in
`outline' that are going to be deallocated in case of error.
---
 ChangeLog              | 7 +++++++
 src/base/ftoutln.c     | 2 +-
 src/truetype/ttgload.c | 3 +++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 43ba8c6a7..2db583daf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2016-04-24  Werner Lemberg  <wl@gnu.org>
+
+	[truetype] Fix deallocation in case of error (#47726).
+
+	* src/truetype/ttgload.c (load_truetype_glyph): Initialize fields in
+	`outline' that are going to be deallocated in case of error.
+
 2016-04-23  Werner Lemberg  <wl@gnu.org>
 
 	[autofit] Improve Georgian blue zone characters.
diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c
index fa2d2cf65..fc28225c6 100644
--- a/src/base/ftoutln.c
+++ b/src/base/ftoutln.c
@@ -42,7 +42,7 @@
 
 
   static
-  const FT_Outline  null_outline = { 0, 0, 0, 0, 0, 0 };
+  const FT_Outline  null_outline = { 0, 0, NULL, NULL, NULL, 0 };
 
 
   /* documentation is in ftoutln.h */
diff --git a/src/truetype/ttgload.c b/src/truetype/ttgload.c
index d1cb3576d..c4038ee77 100644
--- a/src/truetype/ttgload.c
+++ b/src/truetype/ttgload.c
@@ -1704,6 +1704,9 @@
         outline.n_points   = (short)( gloader->current.num_subglyphs + 4 );
         outline.n_contours = outline.n_points;
 
+        outline.tags     = NULL;
+        outline.contours = NULL;
+
         if ( FT_NEW_ARRAY( points, outline.n_points )   ||
              FT_NEW_ARRAY( tags, outline.n_points )     ||
              FT_NEW_ARRAY( contours, outline.n_points ) )