media-libs/freetype-2.1 contains a big memory leak. After emerging freetype-2.2 the leak disappeared.
Created attachment 108378
valgrind output with freetype 2.1

The memory leak:

==12157== 97,950,488 bytes in 1,579 blocks are definitely lost in loss record 228 of 228
==12157==    at 0x4A1FAB0: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==12157==    by 0x7469A4F: ft_mem_qalloc (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x746DED3: ft_mem_alloc (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x746E982: ft_mem_qrealloc (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x746E9F7: ft_mem_realloc (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x74A30BD: (within /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x74A3461: (within /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x74A7F62: (within /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x746E27B: FT_New_Size (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x746F919: FT_Open_Face (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x74702F3: FT_New_Memory_Face (in /usr/lib64/libfreetype.so.6.3.8)
==12157==    by 0x97C9D6E: SplashFTFontFile::loadTrueTypeFont(SplashFTFontEngine*, SplashFontFileID*, SplashFontSrc*, unsigned short*, int, int) (in /usr/kde/3.5/lib64/kde3/libkpdfpart.so)
Created attachment 108380
valgrind output with freetype 2.2

the leak disappeared
Foser, I suppose that this is the good moment to actually unmask the new freetype, if you fix the foobillard problem that has a patch already. If you don't say anything in, say, 10 days, I'll see to discuss with printing herd about taking care of the issue ourselves.
Freetype 2.2.1 is out of package.mask, will go stable after some testing.
Reopening in the security team scope, thanks to Flameeyes who pointed me to the bug. Security team, do you consider this as a security issue? (DoS in a library) In such case, we would hurry up the stabilization of freetype-2.2.1 and perhaps issue a GLSA...
Created attachment 118242
freetype eating everything
Please mark "freetype-2.3.4" stable soon... it fixes this annoying problem (just open a PDF with KPDF, scroll it up and down and you get swappiness / OOM killer!). Maybe this screenshot explains it better ;)
So basically I should upgrade freetype and unmerge poppler? Thanks so much for the explanation. I hope I haven't caused too much chaos and work :/
all archs now have freetype-2.3 stable. pinging security to close this bug.
Closing this bug now it is fixed on all arches, noGLSA. Feel free to reopen if you disagree.