From a191a504ea5a65e836e90c207025518cdce1c250 Mon Sep 17 00:00:00 2001
From: "thestig@chromium.org"
 <thestig@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Tue, 19 May 2009 01:04:21 +0000
Subject: Fix memory leak in corrupt JPEG decoding.

BUG=10945
Review URL: http://codereview.chromium.org/113433

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16352 0039d316-1c4b-4281-b951-d872f2087c98
---
 base/gfx/jpeg_codec.cc          |  4 ++--
 tools/valgrind/suppressions.txt | 11 -----------
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/base/gfx/jpeg_codec.cc b/base/gfx/jpeg_codec.cc
index f611bf0..f2e82c2 100644
--- a/base/gfx/jpeg_codec.cc
+++ b/base/gfx/jpeg_codec.cc
@@ -184,6 +184,7 @@ bool JPEGCodec::Encode(const unsigned char* input, ColorFormat format,
                        int quality, std::vector<unsigned char>* output) {
   jpeg_compress_struct cinfo;
   CompressDestroyer destroyer;
+  destroyer.SetManagedObject(&cinfo);
   output->clear();
 
   // We set up the normal JPEG error routines, then override error_exit.
@@ -204,7 +205,6 @@ bool JPEGCodec::Encode(const unsigned char* input, ColorFormat format,
 
   // The destroyer will destroy() cinfo on exit.
   jpeg_create_compress(&cinfo);
-  destroyer.SetManagedObject(&cinfo);
 
   cinfo.image_width = w;
   cinfo.image_height = h;
@@ -395,6 +395,7 @@ bool JPEGCodec::Decode(const unsigned char* input, size_t input_size,
                        int* w, int* h) {
   jpeg_decompress_struct cinfo;
   DecompressDestroyer destroyer;
+  destroyer.SetManagedObject(&cinfo);
   output->clear();
 
   // We set up the normal JPEG error routines, then override error_exit.
@@ -414,7 +415,6 @@ bool JPEGCodec::Decode(const unsigned char* input, size_t input_size,
   // The destroyer will destroy() cinfo on exit.  We don't want to set the
   // destroyer's object until cinfo is initialized.
   jpeg_create_decompress(&cinfo);
-  destroyer.SetManagedObject(&cinfo);
 
   // set up the source manager
   jpeg_source_mgr srcmgr;
diff --git a/tools/valgrind/suppressions.txt b/tools/valgrind/suppressions.txt
index 3b63c57..4ebfc8a 100644
--- a/tools/valgrind/suppressions.txt
+++ b/tools/valgrind/suppressions.txt
@@ -492,17 +492,6 @@
    fun:_ZN17URLRequestHttpJob16OnStartCompletedEi
 }
 {
-   # See http://crbug.com/10945
-   bug_10945
-   Memcheck:Leak
-   fun:malloc
-   fun:jpeg_get_small
-   fun:jinit_memory_mgr
-   fun:jpeg_CreateDecompress
-   fun:_ZN9JPEGCodec6DecodeEPKhjNS_11ColorFormatEPSt6vectorIhSaIhEEPiS7_
-   fun:_ZN30JPEGCodec_DecodeCorrupted_Test8TestBodyEv
-}
-{
    # See http://crbug.com/11116
    bug_11116a
    Memcheck:Leak
-- 
cgit v1.1