[Spice-devel] [PATCH] server/red_worker: seamless: fix invalid memory reference
Alon Levy
alevy at redhat.com
Thu Aug 30 04:38:11 PDT 2012
replace add_ref with add for stack allocated SpiceMigrateDataDisplay.
This fixes wrong MIGRATE_DATA message in display channel (symptom is
glz_encoder_max being way too big, and malloc failure at target) seen on
F18 with gcc-4.7.1-5.fc18.x86_64 and glibc-2.16-8.fc18.x86_64 (didn't
appear on RHEL 6).
---
server/red_worker.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/server/red_worker.c b/server/red_worker.c
index 28fed60..68e6271 100644
--- a/server/red_worker.c
+++ b/server/red_worker.c
@@ -8436,7 +8436,7 @@ static void display_channel_marshall_migrate_data(RedChannelClient *rcc,
{
DisplayChannel *display_channel;
DisplayChannelClient *dcc = RCC_TO_DCC(rcc);
- SpiceMigrateDataDisplay display_data;
+ SpiceMigrateDataDisplay display_data = {0,};
display_channel = SPICE_CONTAINEROF(rcc->channel, DisplayChannel, common.base);
@@ -8465,8 +8465,8 @@ static void display_channel_marshall_migrate_data(RedChannelClient *rcc,
&dcc->glz_data.usr);
/* all data besided the surfaces ref */
- spice_marshaller_add_ref(base_marshaller,
- (uint8_t *)&display_data, sizeof(display_data) - sizeof(uint32_t));
+ spice_marshaller_add(base_marshaller,
+ (uint8_t *)&display_data, sizeof(display_data) - sizeof(uint32_t));
display_channel_marshall_migrate_data_surfaces(dcc, base_marshaller,
display_channel->enable_jpeg);
}
--
1.7.12
More information about the Spice-devel
mailing list