flxdec: Allocate 0-initialized memory for the decoded frame

Otherwise we might leak arbitrary information from the uninitialized memory if not every pixel is written. https://scarybeastsecurity.blogspot.gr/2016/12/1days-0days-pocs-more-gstreamer-flic.html
author: Sebastian Dröge <sebastian@centricular.com> 2016-12-06 07:48:47 +0200
committer: Sebastian Dröge <sebastian@centricular.com> 2016-12-06 07:48:47 +0200
commit: 96aaf889afe90b5e02ec756af5c6c7000d2cc424 (patch)
tree: a7056095c3795216276ddbef22223b28895f3e76
parent: bc2adef5506602760cdd73ca6562f793e1d991bb (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c
index aa1bed502..193225907 100644
--- a/gst/flx/gstflxdec.c
+++ b/gst/flx/gstflxdec.c
@@ -812,8 +812,8 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf)
       }
 
       /* create delta and output frame */
-      flxdec->frame_data = g_malloc (flxdec->size);
-      flxdec->delta_data = g_malloc (flxdec->size);
+      flxdec->frame_data = g_malloc0 (flxdec->size);
+      flxdec->delta_data = g_malloc0 (flxdec->size);
 
       flxdec->state = GST_FLXDEC_PLAYING;
     }
author	Sebastian Dröge <sebastian@centricular.com>	2016-12-06 07:48:47 +0200
committer	Sebastian Dröge <sebastian@centricular.com>	2016-12-06 07:48:47 +0200
commit	96aaf889afe90b5e02ec756af5c6c7000d2cc424 (patch)
tree	a7056095c3795216276ddbef22223b28895f3e76
parent	bc2adef5506602760cdd73ca6562f793e1d991bb (diff)