From 96aaf889afe90b5e02ec756af5c6c7000d2cc424 Mon Sep 17 00:00:00 2001
From: Sebastian Dröge
Date: Tue, 6 Dec 2016 07:48:47 +0200
Subject: flxdec: Allocate 0-initialized memory for the decoded frame
Otherwise we might leak arbitrary information from the uninitialized memory if not every pixel is written. https://scarybeastsecurity.blogspot.gr/2016/12/1days-0days-pocs-more-gstreamer-flic.html
---
 gst/flx/gstflxdec.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c
index aa1bed502..193225907 100644
--- a/gst/flx/gstflxdec.c
+++ b/gst/flx/gstflxdec.c
@@ -812,8 +812,8 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf)
 }
 /* create delta and output frame */
- flxdec->frame_data = g_malloc (flxdec->size);
- flxdec->delta_data = g_malloc (flxdec->size);
+ flxdec->frame_data = g_malloc0 (flxdec->size);
+ flxdec->delta_data = g_malloc0 (flxdec->size);
 flxdec->state = GST_FLXDEC_PLAYING;
 }
-- 
cgit v1.2.3
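Review bot: The zero-fill on the two `g_malloc0` lines is now what prevents stale heap bytes from reaching the output frame, but the comment above them still reads only `/* create delta and output frame */`, so a later cleanup could switch back to `g_malloc` without noticing. I would extend it to something like `/* create delta and output frame; zero-filled because a chunk need not write every pixel and uninitialized heap must not leak into the output */`. Separately, `flxdec->size` is computed outside this hunk; if it is derived from header fields of the file being decoded, `g_malloc0` will abort the process on an oversized value, and `g_try_malloc0` with an error return would fail more gracefully. The body of `gst_flxdec_chain` starts and ends outside the hunk, so whether an earlier `frame_data`/`delta_data` is freed before these assignments cannot be checked from here.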