Overview

File U_tigervnc-delete-underlying-ssecurity-in-SSecurityVeNCrypt.patch of Package tigervnc.openSUSE_Leap_42.2_Update

Git-commit: 8f3e8663b3cf57c0b62d939d6953fbfcc112aadd
Patch-Mainline: Upstream
References: bnc#1031886
From: Michal Srb <michalsrb@gmail.com>
Subject: Delete underlying ssecurity in SSecurityVeNCrypt.

Otherwise it gets leaked which would allow even not authenticated clients to exhaust server memory.

diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index 7c13749..ce6c71b 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -55,6 +55,8 @@ SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec)
 
 SSecurityVeNCrypt::~SSecurityVeNCrypt()
 {
+  delete ssecurity;
+
   if (subTypes) {
     delete [] subTypes;
     subTypes = NULL;
openSUSE Build Service is sponsored by
Places