From bb7cf3308183f62875d7b51cda0ce1a23740baa4 Mon Sep 17 00:00:00 2001
From: Simon Vogl <svogl@users.noreply.github.com>
Date: Thu, 18 Jan 2024 16:26:50 +0100
Subject: [PATCH 1/2] GUACAMOLE-1903: set rcMask to NULL

set rcMask to NULL to prevent double-free errors occuring in libvncclient 0.9.13 and up
---
 src/protocols/vnc/cursor.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/protocols/vnc/cursor.c b/src/protocols/vnc/cursor.c
index bd013f559..eba5eb5fb 100644
--- a/src/protocols/vnc/cursor.c
+++ b/src/protocols/vnc/cursor.c
@@ -124,6 +124,9 @@ void guac_vnc_cursor(rfbClient* client, int x, int y, int w, int h, int bpp) {
     guac_mem_free(buffer);
 
     /* libvncclient does not free rcMask as it does rcSource */
-    free(client->rcMask);
+    if (client->rcMask) {
+        free(client->rcMask);
+        client->rcMask = NULL;
+    }
 }
 

From 0ae5d2372219695506d4cd753a51b60402a3f796 Mon Sep 17 00:00:00 2001
From: Simon Vogl <simon.vogl@voxel.at>
Date: Thu, 18 Jan 2024 19:41:39 +0100
Subject: [PATCH 2/2] GUACAMOLE-1903: explicitly compare for not NULL

---
 src/protocols/vnc/cursor.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/protocols/vnc/cursor.c b/src/protocols/vnc/cursor.c
index eba5eb5fb..449fea382 100644
--- a/src/protocols/vnc/cursor.c
+++ b/src/protocols/vnc/cursor.c
@@ -124,7 +124,7 @@ void guac_vnc_cursor(rfbClient* client, int x, int y, int w, int h, int bpp) {
     guac_mem_free(buffer);
 
     /* libvncclient does not free rcMask as it does rcSource */
-    if (client->rcMask) {
+    if (client->rcMask != NULL) {
         free(client->rcMask);
         client->rcMask = NULL;
     }