From 865e81749a6530a02f608dddae154b7b0bef827e Mon Sep 17 00:00:00 2001
From: Matt Brubeck
Date: Tue, 24 Oct 2017 15:43:28 -0700
Subject: [PATCH] Use actual size for old allocation in ft_realloc. Prevents crashes from improperly freed memory. Fixes #19008, fixes #18950, fixes #18949.
---
 components/gfx/platform/freetype/font_context.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/components/gfx/platform/freetype/font_context.rs b/components/gfx/platform/freetype/font_context.rs
index 8456e2cade26..f4a0745eb2c6 100644
--- a/components/gfx/platform/freetype/font_context.rs
+++ b/components/gfx/platform/freetype/font_context.rs
@@ -51,13 +51,13 @@ extern fn ft_free(mem: FT_Memory, ptr: *mut c_void) {
 }
 }
-extern fn ft_realloc(mem: FT_Memory, old_size: c_long, new_req_size: c_long,
+extern fn ft_realloc(mem: FT_Memory, _old_size: c_long, new_req_size: c_long,
 old_ptr: *mut c_void) -> *mut c_void {
 let old_actual_size;
 let mut vec;
 unsafe {
 old_actual_size = usable_size(old_ptr as *const _);
- let old_size = old_size as usize;
+ let old_size = old_actual_size as usize;
 vec = Vec::::from_raw_parts(old_ptr as *mut u8, old_size, old_size);
 };
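Review bot: The `unsafe` block in `ft_realloc` that rebuilds the `Vec` has no `// SAFETY:` comment, and after this change its soundness rests entirely on `usable_size(old_ptr)` being a capacity the allocator accepts when the `Vec` is later grown or dropped. I would record that above the `from_raw_parts` call, e.g. `// SAFETY: old_ptr was handed out by this file's FreeType allocation callbacks; the size FreeType passes is the requested size, not the allocated one, so the capacity must come from usable_size()`. Passing the usable size as the length also presents any bytes beyond the originally requested size as initialized `u8`, which presumably holds only as long as nothing reads them before they are written. With `_old_size` now ignored, the rebinding `let old_size = old_actual_size as usize;` could be dropped and `old_actual_size` passed directly, assuming `usable_size` already returns `usize` (its signature is not visible here). `ft_realloc` continues past the end of the hunk, so the later use of `vec` and `old_actual_size` could not be checked.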