Prevent SEGV when resizing with GFX
The xrdp_enc_data contains a union for handling surface commands and gfx commands. Memory processing is different for these two options. The default destructor for the encoder FIFO only knows about surface commands. Consequently, if the encoder has queued GFX data when the encoder is closed, the destructor processes the queued data as if it contained surface commands rather than GFX commands. This typically causes a SEGV as the drects field of the overlaid surface command structure is not pointing at anything valid when it is freed.
This commit is contained in:
matt335672
parent
8048a63b49
commit
809df89c08
@ -88,8 +88,15 @@ static void
|
||||
xrdp_enc_data_destructor(void *item, void *closure)
|
||||
{
|
||||
XRDP_ENC_DATA *enc = (XRDP_ENC_DATA *)item;
|
||||
g_free(enc->u.sc.drects);
|
||||
g_free(enc->u.sc.crects);
|
||||
if (ENC_IS_BIT_SET(enc->flags, ENC_FLAGS_GFX_BIT))
|
||||
{
|
||||
g_free(enc->u.gfx.cmd);
|
||||
}
|
||||
else
|
||||
{
|
||||
g_free(enc->u.sc.drects);
|
||||
g_free(enc->u.sc.crects);
|
||||
}
|
||||
g_free(enc);
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user