[Spice-devel] [PATCH spice-common 2/5] canvas: Remove possible leak on LZ decompression failure
Frediano Ziglio
fziglio at redhat.com
Wed Jan 17 15:55:17 UTC 2018
longjmp can happen in different places, even after the palette
is allocated so we need to free it if it got allocated.
Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
common/canvas_base.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/common/canvas_base.c b/common/canvas_base.c
index f4f301c..b9ba37c 100644
--- a/common/canvas_base.c
+++ b/common/canvas_base.c
@@ -783,15 +783,17 @@ static pixman_image_t *canvas_get_lz(CanvasBase *canvas, SpiceImage *image,
int top_down;
int stride_encoded;
int stride;
- int free_palette;
+ int free_palette = FALSE;
if (setjmp(lz_data->jmp_env)) {
+ if (free_palette) {
+ free(palette);
+ }
free(decomp_buf);
spice_warning("%s", lz_data->message_buf);
return NULL;
}
- free_palette = FALSE;
if (image->descriptor.type == SPICE_IMAGE_TYPE_LZ_RGB) {
spice_return_val_if_fail(image->u.lz_rgb.data->num_chunks == 1, NULL); /* TODO: Handle chunks */
comp_buf = image->u.lz_rgb.data->chunk[0].data;
--
2.14.3
More information about the Spice-devel
mailing list