The title says it all really. I discovered this by forcing random heap allocation failures - a technique we used to use at Symbian.

If this line fails in ft_glyphslot_init

    if ( FT_NEW( internal ) )

then slot->internal is null, and when FT_New_GlyphSlot detects the error and calls ft_glyphslot_done, it calls ft_glyphslot_free_bitmap, which dies with a null pointer access.

    FT_BASE_DEF( void )
    ft_glyphslot_free_bitmap( FT_GlyphSlot slot )
    {
      if ( slot->internal->flags & FT_GLYPH_OWN_BITMAP ) // CRASH!
      {
        FT_Memory memory = FT_FACE_MEMORY( slot->face );

        FT_FREE( slot->bitmap.buffer );
        slot->internal->flags &= ~FT_GLYPH_OWN_BITMAP;
      }
      else
      {
        /* assume that the bitmap buffer was stolen or not */
        /* allocated from the heap */
        slot->bitmap.buffer = NULL;
      }
    }

Suggested fix: change

    if ( slot->internal->flags & FT_GLYPH_OWN_BITMAP )

to

    if (slot && (slot->internal->flags & FT_GLYPH_OWN_BITMAP) )

Best regards,

Graham Asher
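
The allocation-failure technique described in the report, as an added example that is not part of the original message and is not FreeType code: a constructed model of the init/done pattern in which each allocation is failed in turn and the cleanup path guards the internal pointer that the report identifies as null. All names (Slot, test_alloc, sweep_failures and so on) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of an init/done pair; not FreeType's types or API. */
#define OWN_BITMAP 1u
typedef struct { unsigned flags; } SlotInternal;
typedef struct { SlotInternal *internal; unsigned char *buffer; } Slot;

static long fail_at, alloc_count, live_blocks;   /* fault-injection state */

static void *test_alloc(size_t n) {
    if (alloc_count++ == fail_at) return NULL;   /* injected failure */
    void *p = calloc(1, n);
    if (p) live_blocks++;
    return p;
}
static void test_free(void *p) { if (p) { live_blocks--; free(p); } }

/* Cleanup runs on partially built slots, so check internal before use. */
static void slot_done(Slot *slot) {
    if (slot->internal && (slot->internal->flags & OWN_BITMAP))
        test_free(slot->buffer);
    slot->buffer = NULL;
    test_free(slot->internal);
    slot->internal = NULL;
}

static int slot_init(Slot *slot) {
    slot->internal = test_alloc(sizeof *slot->internal);
    if (!slot->internal) return -1;              /* the case in the report */
    slot->buffer = test_alloc(64);
    if (!slot->buffer) return -1;
    slot->internal->flags |= OWN_BITMAP;
    return 0;
}

/* Fail allocation 0, 1, ... max_allocs in turn and run the error path.
   Returns the number of failed inits handled, or -1 if any run leaked. */
int sweep_failures(long max_allocs) {
    int failed = 0;
    for (long i = 0; i <= max_allocs; i++) {
        Slot s = {0};
        fail_at = i; alloc_count = 0; live_blocks = 0;
        if (slot_init(&s) != 0) failed++;
        slot_done(&s);                           /* must not crash or leak */
        if (live_blocks != 0) return -1;
    }
    return failed;
}

int main(void) { printf("%d\n", sweep_failures(2)); return 0; }
```

Removing the slot->internal check in slot_done makes the first iteration of the sweep dereference a null pointer, which is the failure mode the report describes.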