From e0044468e39e25c35d79c50d015c170b41faf428 Mon Sep 17 00:00:00 2001 From: Stephen Heumann Date: Tue, 29 Sep 2015 17:20:33 -0500 Subject: [PATCH] Fix a memory leak in ReadFixup. The buffer from the last read is still left around until the next one, but this should usually be fairly small, and it's the same behavior as the main DoReadTCP routine. --- vncsession.cc | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/vncsession.cc b/vncsession.cc index 5ae1847..2a02a48 100644 --- a/vncsession.cc +++ b/vncsession.cc @@ -302,6 +302,13 @@ BOOLEAN DoWaitingReadTCP(unsigned long dataLength) { /* Fix things when TCPIPReadTCP returns less data than it's supposed to */ BOOLEAN ReadFixup (unsigned long requested, unsigned long returned) { static rrBuff theRRBuff; + static void **fixupBufferHndl = NULL; + + if (fixupBufferHndl == NULL) { + fixupBufferHndl = NewHandle(requested-returned, userid(), 0, NULL); + if (toolerror()) + return FALSE; + } SetHandleSize(requested, readBufferHndl); if (toolerror()) @@ -309,7 +316,7 @@ BOOLEAN ReadFixup (unsigned long requested, unsigned long returned) { do { TCPIPPoll(); - if ((tcperr = TCPIPReadTCP(hostIpid, buffTypeNewHandle, NULL, + if ((tcperr = TCPIPReadTCP(hostIpid, buffTypeHandle, (Ref)fixupBufferHndl, requested-returned, &theRRBuff)) != tcperrOK) return FALSE; if (toolerror()) @@ -318,7 +325,7 @@ BOOLEAN ReadFixup (unsigned long requested, unsigned long returned) { if (theRRBuff.rrBuffCount == 0) /* To avoid infinite loops */ return FALSE; - HandToPtr(theRRBuff.rrBuffHandle, (char *)*readBufferHndl + returned, + HandToPtr(fixupBufferHndl, (char *)*readBufferHndl + returned, theRRBuff.rrBuffCount); returned += theRRBuff.rrBuffCount;