From ce86fd834bc1002f3f4a827b73fbd1fdc870dc42 Mon Sep 17 00:00:00 2001
From: Ondrej Holy
Date: Tue, 28 Apr 2026 04:19:39 +0000
Subject: [PATCH] [cache,bitmap] initialize overallocated bitmap cache extra slot

Backport of commit 8270e0bb3d6726c947d57c93ba9caa92a052b557. Adjusted hunk offsets for 3.10.3.
Made-with: Cursor
---
 libfreerdp/cache/bitmap.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/libfreerdp/cache/bitmap.c b/libfreerdp/cache/bitmap.c
index 8083fd9..1dc9853 100644
--- a/libfreerdp/cache/bitmap.c
+++ b/libfreerdp/cache/bitmap.c
@@ -390,6 +390,19 @@ rdpBitmapCache* bitmap_cache_new(rdpContext* context)
 cell->number = nr;
 }
+ /* initialize the overallocated extra slot for old RDP servers that send
+ * cacheId == maxCells; use a minimal allocation since no protocol-negotiated
+ * capacity exists for this slot */
+ {
+ BITMAP_V2_CELL* extra = &bitmapCache->cells[bitmapCache->maxCells];
+ /* allocate an extra entry for BITMAP_CACHE_WAITING_LIST_INDEX */
+ extra->entries = (rdpBitmap**)calloc(1, sizeof(rdpBitmap*));
+
+ if (!extra->entries)
+ goto fail;
+ extra->number = 0;
+ }
+
 return bitmapCache;
 fail:
 WINPR_PRAGMA_DIAG_PUSH
@@ -408,7 +421,8 @@ void bitmap_cache_free(rdpBitmapCache* bitmapCache)
 if (bitmapCache->cells)
 {
- for (UINT32 i = 0; i < bitmapCache->maxCells; i++)
+ /* iterate through maxCells + 1 to also free the overallocated extra slot */
+ for (UINT32 i = 0; i <= bitmapCache->maxCells; i++)
 {
 UINT32 j = 0;
 BITMAP_V2_CELL* cell = &bitmapCache->cells[i];
-- 
2.53.0
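Review bot: `&bitmapCache->cells[bitmapCache->maxCells]` in the added block is in bounds only if `cells` was allocated with `maxCells + 1` elements, and that allocation sits above the hunk, so nothing visible here ties the two together. Because this is a backport with offsets adjusted for 3.10.3, the allocation in the target tree should be checked before applying. If it sizes the array to `maxCells`, this write and the `i <= bitmapCache->maxCells` loop in the bitmap_cache_free hunk both touch one element past the end. I would state the dependency at the use site, e.g. `/* cells[] holds maxCells + 1 elements (see allocation above); index maxCells is the extra slot */`. bitmap_cache_new starts before the hunk and its fail path continues after it.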
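Review bot: The widened loop now visits the extra slot even when construction stopped before that slot's `entries` was allocated, so `cell->entries` can be NULL for `i == maxCells`. This assumes the `fail:` path in bitmap_cache_new releases the cache through bitmap_cache_free, which the patch does not show. The per-cell body continues past the end of the hunk, so whether it skips such a cell is not visible here; if it does not, a guard such as `if (!cell->entries) continue;` belongs right after the `cell` assignment. The extra slot has `number == 0` with a single allocated entry, so the inner bound over `j` should also be confirmed to cover exactly that one entry and no more.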