Blame patches/libmp3splt/CVE-2017-15185.patch
|
 |
e0f6e2 |
diff --git a/plugins/ogg.c b/plugins/ogg.c
|
|
|
e0f6e2 |
index 50cc495..57745f1 100644
|
|
|
e0f6e2 |
--- a/plugins/ogg.c
|
|
|
e0f6e2 |
+++ b/plugins/ogg.c
|
|
|
e0f6e2 |
@@ -212,26 +212,36 @@ static splt_ogg_state *splt_ogg_v_new(int *error)
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
memset(oggstate, 0, sizeof(splt_ogg_state));
|
|
|
e0f6e2 |
+
|
|
|
e0f6e2 |
if ((oggstate->sync_in = malloc(sizeof(ogg_sync_state)))==NULL)
|
|
|
e0f6e2 |
{
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
+ memset(oggstate->sync_in, 0, sizeof(ogg_sync_state));
|
|
|
e0f6e2 |
+
|
|
|
e0f6e2 |
if ((oggstate->stream_in = malloc(sizeof(ogg_stream_state)))==NULL)
|
|
|
e0f6e2 |
{
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
+ memset(oggstate->stream_in, 0, sizeof(ogg_stream_state));
|
|
|
e0f6e2 |
+
|
|
|
e0f6e2 |
if ((oggstate->vd = malloc(sizeof(vorbis_dsp_state)))==NULL)
|
|
|
e0f6e2 |
{
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
+ memset(oggstate->vd, 0, sizeof(vorbis_dsp_state));
|
|
|
e0f6e2 |
+
|
|
|
e0f6e2 |
if ((oggstate->vi = malloc(sizeof(vorbis_info)))==NULL)
|
|
|
e0f6e2 |
{
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
+ memset(oggstate->vi, 0, sizeof(vorbis_info));
|
|
|
e0f6e2 |
+
|
|
|
e0f6e2 |
if ((oggstate->vb = malloc(sizeof(vorbis_block)))==NULL)
|
|
|
e0f6e2 |
{
|
|
|
e0f6e2 |
goto error;
|
|
|
e0f6e2 |
}
|
|
|
e0f6e2 |
+ memset(oggstate->vb, 0, sizeof(vorbis_block));
|
|
|
e0f6e2 |
|
|
|
e0f6e2 |
if ((oggstate->headers = malloc(sizeof(splt_v_packet) * TOTAL_HEADER_PACKETS))==NULL)
|
|
|
e0f6e2 |
{
|