diff options
| author | Martijn van Beurden <mvanb1@gmail.com> | 2022-08-19 21:33:15 +0200 |
|---|---|---|
| committer | Martijn van Beurden <mvanb1@gmail.com> | 2022-08-20 16:03:53 +0200 |
| commit | 5bc582b2c72a5fe401511ee492d1410f4f23ec7e (patch) | |
| tree | 73302809d4c9a4eebe90e7d059ec2dfc1fe76cb1 /src | |
| parent | 1f21ae2702dd5073cc068a37a99313f752ff9cf8 (diff) | |
| download | flac-5bc582b2c72a5fe401511ee492d1410f4f23ec7e.tar.gz | |
Fix some OOM metadata bugs, disable OOM checking in metadata fuzzing
For now OOM emulation in fuzzer_metadata is disabled, as I really
want to get as much merged as soon as possible. Need to get back
to this at some point
Diffstat (limited to 'src')
| -rw-r--r-- | src/libFLAC/metadata_object.c | 8 | ||||
| -rw-r--r-- | src/libFLAC/stream_decoder.c | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/src/libFLAC/metadata_object.c b/src/libFLAC/metadata_object.c index d6ac3fc5..c1e54ab2 100644 --- a/src/libFLAC/metadata_object.c +++ b/src/libFLAC/metadata_object.c @@ -1183,8 +1183,10 @@ FLAC_API FLAC__bool FLAC__metadata_object_vorbiscomment_resize_comments(FLAC__St return false; for (uint32_t i = 0; i < new_num_comments; i++) { object->data.vorbis_comment.comments[i].length = 0; - if ((object->data.vorbis_comment.comments[i].entry = safe_malloc_(1)) == NULL) + if ((object->data.vorbis_comment.comments[i].entry = safe_malloc_(1)) == NULL) { + object->data.vorbis_comment.num_comments = i+1; return false; + } object->data.vorbis_comment.comments[i].entry[0] = '\0'; } } @@ -1223,8 +1225,10 @@ FLAC_API FLAC__bool FLAC__metadata_object_vorbiscomment_resize_comments(FLAC__St if (new_size > old_size) { for (uint32_t i = object->data.vorbis_comment.num_comments; i < new_num_comments; i++) { object->data.vorbis_comment.comments[i].length = 0; - if ((object->data.vorbis_comment.comments[i].entry = safe_malloc_(1)) == NULL) + if ((object->data.vorbis_comment.comments[i].entry = safe_malloc_(1)) == NULL) { + object->data.vorbis_comment.num_comments = i+1; return false; + } object->data.vorbis_comment.comments[i].entry[0] = '\0'; } } diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c index 23a0c890..c8e3f325 100644 --- a/src/libFLAC/stream_decoder.c +++ b/src/libFLAC/stream_decoder.c @@ -1525,7 +1525,7 @@ FLAC__bool read_metadata_(FLAC__StreamDecoder *decoder) free(block.data.vorbis_comment.comments); break; case FLAC__METADATA_TYPE_CUESHEET: - if(block.data.cue_sheet.num_tracks > 0) + if(block.data.cue_sheet.num_tracks > 0 && 0 != block.data.cue_sheet.tracks) for(i = 0; i < block.data.cue_sheet.num_tracks; i++) if(0 != block.data.cue_sheet.tracks[i].indices) free(block.data.cue_sheet.tracks[i].indices); |