The pflac->rbuffer pointer array was being allocated in two
places, but only one of them (the one that was kept) was checking
to ensure the pointers were NULL before allocation.
Leak was found by fuzzing the sndfile-resample binary compiled
with ASAN.
Change-Id: Ie5bafb97aeefc38afbb13f3ac668ccbc34da986c
static void
sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC__StreamMetadata *metadata, void *client_data)
{ SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
- FLAC_PRIVATE* pflac = (FLAC_PRIVATE*) psf->codec_data ;
- int bitwidth = 0, i ;
+ int bitwidth = 0 ;
switch (metadata->type)
{ case FLAC__METADATA_TYPE_STREAMINFO :
if (bitwidth > 0)
psf_log_printf (psf, " Bit width : %d\n", bitwidth) ;
-
-
- for (i = 0 ; i < psf->sf.channels ; i++)
- pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (int32_t)) ;
-
- pflac->wbuffer = (const int32_t* const*) pflac->rbuffer ;
break ;
case FLAC__METADATA_TYPE_VORBIS_COMMENT :