Not sure whether I should ACK since it's basically my patch, but
Acked-by: Jonathon Jongsma <jjongsma@xxxxxxxxxx>
On Thu, 2016-09-22 at 09:29 +0100, Frediano Ziglio wrote:
> Avoid to free invalid pointer.
>
> Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
> ---
> server/red-replay-qxl.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> Changes since v2:
> - better encapsulation (Jonathon)
>
> I have the sensation that Quic code is broken.. but this is
> not related to this patch.
>
> diff --git a/server/red-replay-qxl.c b/server/red-replay-qxl.c
> index e95cf91..b5baded 100644
> --- a/server/red-replay-qxl.c
> +++ b/server/red-replay-qxl.c
> @@ -113,6 +113,13 @@ static inline void replay_free(SpiceReplay
> *replay, void *mem)
> free(mem);
> }
>
> +static inline void *replay_realloc(SpiceReplay *replay, void *mem,
> size_t n_bytes)
> +{
> + GList *elem = g_list_find(replay->allocated, mem);
> + elem->data = spice_realloc(mem, n_bytes);
> + return elem->data;
> +}
> +
> static uint32_t replay_id_get(SpiceReplay *replay, uint32_t id)
> {
> uint32_t newid = 0;
> @@ -486,8 +493,8 @@ static QXLImage *red_replay_image(SpiceReplay
> *replay, uint32_t flags)
> if (replay->error) {
> return NULL;
> }
> - qxl = realloc(qxl, sizeof(QXLImageDescriptor) +
> sizeof(QXLQUICData) +
> - qxl->quic.data_size);
> + qxl = replay_realloc(replay, qxl, sizeof(QXLImageDescriptor)
> + sizeof(QXLQUICData) +
> + qxl->quic.data_size);
> size = red_replay_data_chunks(replay, "quic.data",
> (uint8_t**)&qxl->quic.data, 0);
> spice_assert(size == qxl->quic.data_size);
> break;
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel