1431637 - direct leak in qcms_transform_precacheLUT_float

Status: RESOLVED FIXED

(Core :: Graphics, defect, P3)

Description

[u473386]

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.98 Safari/537.36

Steps to reproduce:

==7745==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 431244 byte(s) in 1 object(s) allocated from:
    ...
    #1 0x521079 in qcms_transform_precacheLUT_float transform.c:1162:8

https://dxr.mozilla.org/mozilla-central/rev/e4107773cffb1baefd5446666fce22c4d6eb0517/gfx/qcms/transform.c#1162

The problem is that src becomes lut later.

https://dxr.mozilla.org/mozilla-central/rev/e4107773cffb1baefd5446666fce22c4d6eb0517/gfx/qcms/transform.c#1178

I made a simple patch.

--- a/qcms/transform.c
+++ b/qcms/transform.c
@@ -995,6 +995,10 @@
 	free(t->output_gamma_lut_g);
 	free(t->output_gamma_lut_b);
 
+	/* src in qcms_chain_transform */
+	if (t->r_clut)
+		free(t->r_clut);
+
 	transform_free(t);
 }

Comment 1

[u473386]

Correction.

+	/* src or dest in qcms_chain_transform */

Comment 2

[Lee Salzman [:lsalzman]]

Attachment: free qcms_transform r_clut

pdknsk, your analysis of the situation seems correct. I've rolled this into a patch. The comments have been elaborated a bit, but otherwise the semantics of the patch are the same and sufficient.

Comment 3

[Pulsebot]

Pushed by lsalzman@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/73255f988eb1
free qcms_transform r_clut. r=jrmuizel

Comment 4

[Tiberius Oros[:tiberius_oros]]

https://hg.mozilla.org/mozilla-central/rev/73255f988eb1