malformed opus file causes memory leak in opusdec
The attached file will cause several memory leaks in opusdec.
Found with the help of american fuzzy lop and clang's leak sanitizer:
==6060==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 27264 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb13925b in __interceptor_malloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb625b)
#1 0x7f66baabe2e8 in opus_alloc /mnt/ram/opus-1.1/./celt/os_support.h:49:11
#2 0x7f66baabda22 in opus_multistream_decoder_create /mnt/ram/opus-1.1/src/opus_multistream_decoder.c:128:26
#3 0x7f66bb17e962 in process_header /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:514:9
#4 0x7f66bb1763cf in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:911:21
#5 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Direct leak of 128 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb183dd3 in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:745:32
#3 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#4 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#5 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Indirect leak of 51744 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb18f375 in update_filter /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:598:43
#3 0x7f66bb186714 in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:785:4
#4 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#5 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#6 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Indirect leak of 1976 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb1958f6 in update_filter /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:653:32
#3 0x7f66bb186714 in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:785:4
#4 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#5 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#6 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb1856cb in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:771:36
#3 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#4 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#5 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb185886 in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:772:39
#3 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#4 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#5 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x7f66bb1393b0 in calloc (/mnt/ram/opus-1.1/opus-tools-0.1.9/opusdec+0xb63b0)
#1 0x7f66bb186c39 in speex_alloc /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:68:45
#2 0x7f66bb185a41 in opustools_resampler_init_frac /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:773:39
#3 0x7f66bb18364e in opustools_resampler_init /mnt/ram/opus-1.1/opus-tools-0.1.9/src/resample.c:732:11
#4 0x7f66bb176ebd in main /mnt/ram/opus-1.1/opus-tools-0.1.9/src/opusdec.c:945:31
#5 0x7f66b922cf9f in __libc_start_main /var/tmp/portage/sys-libs/glibc-2.20-r1/work/glibc-2.20/csu/libc-start.c:289
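A triage helper for reports like the one above, as an added example that is not part of the original report or of opus-tools: it parses LeakSanitizer records and totals leaked bytes per allocation site, skipping allocator wrappers so each leak is attributed to the code that owns the memory. The sample input is constructed (two records in the trace format above, with paths shortened), and the wrapper list is an assumption tuned to this report.

```python
import re
from collections import defaultdict

# Constructed sample: two records in the report's format, paths shortened to /x/.
SAMPLE = """\
Direct leak of 27264 byte(s) in 1 object(s) allocated from:
    #0 0x7f66bb13925b in __interceptor_malloc (/x/opusdec+0xb625b)
    #1 0x7f66baabe2e8 in opus_alloc /x/celt/os_support.h:49:11
    #2 0x7f66baabda22 in opus_multistream_decoder_create /x/src/opus_multistream_decoder.c:128:26
    #3 0x7f66bb17e962 in process_header /x/src/opusdec.c:514:9
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f66bb1393b0 in calloc (/x/opusdec+0xb63b0)
    #1 0x7f66bb186c39 in speex_alloc /x/src/resample.c:68:45
    #2 0x7f66bb1856cb in opustools_resampler_init_frac /x/src/resample.c:771:36
"""

HEADER = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"#(\d+) 0x[0-9a-f]+ in (\S+) (\S+)")
# Assumption: allocator wrappers to skip when attributing a leak to its owner.
WRAPPERS = {"malloc", "calloc", "realloc", "__interceptor_malloc", "opus_alloc", "speex_alloc"}

def parse_report(text):
    """Return leak records: kind, bytes, objects and frames as (function, location)."""
    leaks = []
    for line in text.splitlines():
        h, f = HEADER.search(line), FRAME.search(line)
        if h:
            leaks.append({"kind": h.group(1), "bytes": int(h.group(2)),
                          "objects": int(h.group(3)), "frames": []})
        elif f and leaks:  # frames before any header are ignored
            leaks[-1]["frames"].append((f.group(2), f.group(3)))
    return leaks

def alloc_site(leak):
    """First non-wrapper frame, reduced to (function, file:line) so equal sites group."""
    for func, loc in leak["frames"]:
        if func not in WRAPPERS:
            m = re.match(r"(?:.*/)?([^/:]+):(\d+)", loc)
            return (func, f"{m.group(1)}:{m.group(2)}" if m else loc)
    return ("<unknown>", "")

def summarize(text):
    """Leaked bytes per (kind, function, file:line), largest first."""
    totals = defaultdict(int)
    for leak in parse_report(text):
        totals[(leak["kind"],) + alloc_site(leak)] += leak["bytes"]
    return sorted(totals.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    print(*summarize(SAMPLE), sep="\n")
```

LeakSanitizer marks a block as an indirect leak when it is reachable only through another leaked block, so the direct entries are the ones to trace to a missing cleanup call first.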