Commit 96aaf889 authored by Sebastian Dröge

flxdec: Allocate 0-initialized memory for the decoded frame

Otherwise we might leak arbitrary information from the uninitialized
memory if not every pixel is written.

https://scarybeastsecurity.blogspot.gr/2016/12/1days-0days-pocs-more-gstreamer-flic.html
parent bc2adef5
......@@ -812,8 +812,8 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf)
}
/* create delta and output frame */
flxdec->frame_data = g_malloc (flxdec->size);
flxdec->delta_data = g_malloc (flxdec->size);
flxdec->frame_data = g_malloc0 (flxdec->size);
flxdec->delta_data = g_malloc0 (flxdec->size);
flxdec->state = GST_FLXDEC_PLAYING;
}
......
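Review bot: The two g_malloc0 (flxdec->size) calls sit under the existing comment "create delta and output frame", which does not say that zero-fill is required, so a later cleanup has no reason not to switch them back to g_malloc. Suggest extending that comment to state that the buffers must be zero-initialized because the decoder may not write every pixel. Zeroing only happens at this allocation point, so it is also worth confirming that no other path reallocates frame_data or delta_data with a non-zeroing allocator, and that flxdec->size is validated before it reaches these calls; neither is visible in this hunk.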