Bug 624317 - vncviewer memory leak at rfb::DecompressJpegRect (tightDecode.h:297)
vncviewer memory leak at rfb::DecompressJpegRect (tightDecode.h:297)
Product: Fedora
Classification: Fedora
Component: tigervnc (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Adam Tkac
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2010-08-15 21:06 EDT by Tim Taiwanese Liim
Modified: 2013-04-30 19:46 EDT (History)
2 users (show)

See Also:
Fixed In Version: tigervnc-1.0.1-3.fc12
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-09-02 16:40:11 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tim Taiwanese Liim 2010-08-15 21:06:12 EDT
Description of problem:
    Memory leak at rfb::DecompressJpegRect (tightDecode.h:297), where we
      JSAMPROW *rowPointer = new JSAMPROW[h];
    but there is no corresponding delete[] rowPointer.  My vncviewer
    reached >2GB in memory after 1 day when playing some slide show.

Version-Release number of selected component (if applicable):

How reproducible:
    always (at least when I runs slide show on my photo collection)

Steps to Reproduce:
    1. run valgrind to check for memory leak:
            valgrind --leak-check=full unix/vncviewer/vncviewer 
       to connect to a vnc server
    2. run some slide show in the vnc (not sure if this is necessary)
    3. wait for a few minutes.
    4. hit ctrl-C to interrupt.

Actual results:
    Valgrind reports memory leak at 
            rfb::DecompressJpegRect (tightDecode.h:297)
    See [1] below for detail.

Expected results:
    There should be no memory leak (at least no more than a few
    hundred kB).

Additional info:
    [1] report from valgrind after a few hours (115MB leaked):
       115,900,712 bytes in 235,469 blocks are definitely lost in loss 
             record 255 of 255
          at 0x4A055EC: operator new[](unsigned long) 
          by 0x42A630: rfb::DecompressJpegRect(rfb::Rect const&, 
             rdr::InStream*, unsigned int*, rfb::CMsgHandler*) 
          by 0x42C20C: rfb::tightDecode32(rfb::Rect const&, rdr::InStream*,
             rdr::ZlibInStream*, unsigned int*, rfb::CMsgHandler*) 
          by 0x440E9B: rfb::CMsgReader::readRect(rfb::Rect const&, 
             unsigned int) (CMsgReader.cxx:115)
          by 0x41AF81: rfb::CMsgReaderV3::readMsg() (CMsgReaderV3.cxx:94)
          by 0x413EDA: main (vncviewer.cxx:407)
Comment 1 Adam Tkac 2010-08-19 05:00:07 EDT
Right you are, thanks for the report. This issue will be fixed in the next update.
Comment 2 Tim Taiwanese Liim 2010-08-20 12:06:19 EDT
Glad that I can help!
Comment 3 Fedora Update System 2010-08-25 11:11:41 EDT
tigervnc-1.0.1-2.fc12 has been submitted as an update for Fedora 12.
Comment 4 Fedora Update System 2010-08-25 11:11:45 EDT
tigervnc-1.0.1-3.fc12 has been submitted as an update for Fedora 12.
Comment 5 Fedora Update System 2010-08-25 21:02:32 EDT
tigervnc-1.0.1-3.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tigervnc'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/tigervnc-1.0.1-3.fc12
Comment 6 Fedora Update System 2010-09-02 16:39:58 EDT
tigervnc-1.0.1-3.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.