Re: [PATCH 1/3] compositor-rdp: fix leak of frame bitmap in raw mode

Sun, 09 Jul 2017 05:42:08 -0700 

Le 06/07/2017 à 12:06, Olivier Blin a écrit :
> In rdp_peer_refresh_raw(), cmd->bitmapData was reallocated, but never freed.
> 
> The cmd content (actually peer->update->surface_bits_command) was
> re-initialized to zero at the beginning of the function, losing the
> pointer to the previously allocated bitmap data.
> 
> Move the bitmap data in the peer->context structure instead, so that
> it can be reused for every frame, and freed at destruction.
> ---
>  libweston/compositor-rdp.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/libweston/compositor-rdp.c b/libweston/compositor-rdp.c
> index 091472b0..7b1ab06d 100644
> --- a/libweston/compositor-rdp.c
> +++ b/libweston/compositor-rdp.c
> @@ -142,6 +142,7 @@ struct rdp_peer_context {
>       wStream *encode_stream;
>       RFX_RECT *rfx_rects;
>       NSC_CONTEXT *nsc_context;
> +     BYTE * bitmapData;
>  
>       struct rdp_peers_item item;
>  };
> @@ -312,7 +313,10 @@ rdp_peer_refresh_raw(pixman_region32_t *region, 
> pixman_image_t *image, freerdp_p
>                          cmd->destTop = top;
>                          cmd->destBottom = top + cmd->height;
>                          cmd->bitmapDataLength = cmd->width * cmd->height * 4;
> -                        cmd->bitmapData = (BYTE *)realloc(cmd->bitmapData, 
> cmd->bitmapDataLength);
> +
> +                        RdpPeerContext *context = (RdpPeerContext 
> *)peer->context;
> +                        context->bitmapData = (BYTE 
> *)realloc(context->bitmapData, cmd->bitmapDataLength);
> +                        cmd->bitmapData = context->bitmapData;
>  
>                          subrect.y1 = top;
>                          subrect.y2 = top + cmd->height;
> @@ -659,6 +663,7 @@ int rdp_implant_listener(struct rdp_backend *b, 
> freerdp_listener* instance)
>  static FREERDP_CB_RET_TYPE
>  rdp_peer_context_new(freerdp_peer* client, RdpPeerContext* context)
>  {
> +     context->bitmapData = NULL;
>       context->item.peer = client;
>       context->item.flags = RDP_PEER_OUTPUT_ENABLED;
>  
> @@ -715,6 +720,8 @@ rdp_peer_context_free(freerdp_peer* client, 
> RdpPeerContext* context)
>                * but it would crash on reconnect */
>       }
>  
> +     free(context->bitmapData);
> +
>       Stream_Free(context->encode_stream, TRUE);
>       nsc_context_free(context->nsc_context);
>       rfx_context_free(context->rfx_context);
> 

Reviewed-by: David Fort <cont...@hardening-consulting.com>

-- 
David FORT
website: http://www.hardening-consulting.com/

_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/wayland-devel

Reply via email to