• Max Kellermann's avatar
    stream_decoder: fix memory leak after seek table read error · f7491f97
    Max Kellermann authored
    When read_metadata_seektable_() fails, the has_seek_table flag is
    never set to true, and thus free() is never called.
    
    Example valgrind output:
    
     11,185,464 bytes in 1 blocks are definitely lost in loss record 62 of 62
        at 0x4C2BC0F: malloc (vg_replace_malloc.c:299)
        by 0x4C2DE6F: realloc (vg_replace_malloc.c:785)
        by 0x40A7880: safe_realloc_ (alloc.h:159)
        by 0x40A7911: safe_realloc_mul_2op_ (alloc.h:205)
        by 0x40AB6B5: read_metadata_seektable_ (stream_decoder.c:1654)
        by 0x40AAB2D: read_metadata_ (stream_decoder.c:1422)
        by 0x40A9C79: FLAC__stream_decoder_process_until_end_of_metadata (stream_decoder.c:1055)
    
    It is easy to craft a FLAC file which leaks megabytes of memory on
    every attempt to open the file.
    
    This patch fixes the problem by removing checks which are unnecessary
    (and harmful).  Checking the has_seek_table flag is not enough, as
    described above.  The NULL check is not harmful, but is not helpful
    either, because free(NULL) is documented to be legal.
    
    After running this code block, we're in a well-known safe state, no
    matter how inconsistent pointer and flag may have been before, for
    whatever reasons.
    Signed-off-by: Erik de Castro Lopo's avatarErik de Castro Lopo <erikd@mega-nerd.com>
    f7491f97
stream_decoder.c 131 KB