From 1c81499460ca59c16be4d24efce4c0dd91f4ae55 Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Wed, 12 Apr 2017 19:10:40 +1000 Subject: [PATCH] src/flac.c: Fix a memory leak The pflac->rbuffer pointer array was being allocated in two places, but only one of them (the one that was kept) was checking to ensure the pointers were NULL before allocation. Leak was found by fuzzing the sndfile-resample binary compiled with ASAN. Change-Id: Ie5bafb97aeefc38afbb13f3ac668ccbc34da986c --- src/flac.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/flac.c b/src/flac.c index 6bd8aae..b74ada1 100644 --- a/src/flac.c +++ b/src/flac.c @@ -430,8 +430,7 @@ sf_flac_meta_get_vorbiscomments (SF_PRIVATE *psf, const FLAC__StreamMetadata *me static void sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC__StreamMetadata *metadata, void *client_data) { SF_PRIVATE *psf = (SF_PRIVATE*) client_data ; - FLAC_PRIVATE* pflac = (FLAC_PRIVATE*) psf->codec_data ; - int bitwidth = 0, i ; + int bitwidth = 0 ; switch (metadata->type) { case FLAC__METADATA_TYPE_STREAMINFO : @@ -468,12 +467,6 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_ if (bitwidth > 0) psf_log_printf (psf, " Bit width : %d\n", bitwidth) ; - - - for (i = 0 ; i < psf->sf.channels ; i++) - pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (int32_t)) ; - - pflac->wbuffer = (const int32_t* const*) pflac->rbuffer ; break ; case FLAC__METADATA_TYPE_VORBIS_COMMENT : -- 2.7.4