mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2025-06-05 15:08:53 +00:00
Code Issues 1 Projects Releases Wiki Activity

flxdec: Allocate 0-initialized memory for the decoded frame

Browse source 
Otherwise we might leak arbitrary information from the uninitialized
memory if not every pixel is written.

https://scarybeastsecurity.blogspot.gr/2016/12/1days-0days-pocs-more-gstreamer-flic.html
This commit is contained in:
Sebastian Dröge 2016-12-06 07:48:47 +02:00
parent bc2adef550
commit 96aaf889af
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
gst/flx/gstflxdec.c
View file

@ -812,8 +812,8 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf)
} }
/* create delta and output frame */ /* create delta and output frame */
flxdec->frame_data = g_malloc (flxdec->size); flxdec->frame_data = g_malloc0 (flxdec->size);
flxdec->delta_data = g_malloc (flxdec->size); flxdec->delta_data = g_malloc0 (flxdec->size);
flxdec->state = GST_FLXDEC_PLAYING; flxdec->state = GST_FLXDEC_PLAYING;
} }