diff options
author | Robert Shih <robertshih@google.com> | 2016-03-11 18:33:51 -0800 |
---|---|---|
committer | The Android Automerger <android-build@google.com> | 2016-03-25 17:46:37 -0700 |
commit | b499389da21d89d32deff500376c5ee4f8f0b04c (patch) | |
tree | 74d7734c4605ee9ecde267b12af1b7bfd24b8815 /libFLAC | |
parent | e685ca5e441867515363f6f9c1be5f609b67e975 (diff) | |
download | android_external_flac-b499389da21d89d32deff500376c5ee4f8f0b04c.tar.gz android_external_flac-b499389da21d89d32deff500376c5ee4f8f0b04c.tar.bz2 android_external_flac-b499389da21d89d32deff500376c5ee4f8f0b04c.zip |
Avoid free-before-initialize vulnerability in heap
Bug: 27211885
Change-Id: Ib9c93bd9ffdde2a5f8d31a86f06e267dc9c152db
Diffstat (limited to 'libFLAC')
-rw-r--r-- | libFLAC/stream_decoder.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/libFLAC/stream_decoder.c b/libFLAC/stream_decoder.c index d13b23b..7dff737 100644 --- a/libFLAC/stream_decoder.c +++ b/libFLAC/stream_decoder.c @@ -1739,6 +1739,7 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre if (obj->num_comments > 0) { if (0 == (obj->comments = safe_malloc_mul_2op_p(obj->num_comments, /*times*/sizeof(FLAC__StreamMetadata_VorbisComment_Entry)))) { decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + obj->num_comments = 0; return false; } for (i = 0; i < obj->num_comments; i++) { |