zdoom/fluidsynth
0
0
Fork 0
mirror of https://github.com/ZDoom/fluidsynth.git synced 2025-01-19 07:50:49 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix two uninitialized memory accesses in new_fluid_synth()

Browse source 
In an out of memory situation, fluid_synth_t::voice and fluid_synth_t::channel may not be fully initialized, causing a NULL dereference and heap corruption in delete_fluid_synth().
This commit is contained in:
derselbst 2019-08-02 15:09:29 +02:00
parent 7f11a9bf5c
commit 743601930a
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/synth/fluid_synth.c
View file

@ -837,6 +837,7 @@ new_fluid_synth(fluid_settings_t *settings)
goto error_recovery;
}
FLUID_MEMSET(synth->channel, 0, synth->midi_channels * sizeof(*synth->channel));
for(i = 0; i < synth->midi_channels; i++)
{
synth->channel[i] = new_fluid_channel(synth, i);
@ -856,6 +857,7 @@ new_fluid_synth(fluid_settings_t *settings)
goto error_recovery;
}
FLUID_MEMSET(synth->voice, 0, synth->nvoice * sizeof(*synth->voice));
for(i = 0; i < synth->nvoice; i++)
{
synth->voice[i] = new_fluid_voice(synth->eventhandler, synth->sample_rate);
@ -1008,7 +1010,10 @@ delete_fluid_synth(fluid_synth_t *synth)
{
for(i = 0; i < synth->midi_channels; i++)
{
fluid_channel_set_preset(synth->channel[i], NULL);
if(synth->channel[i] != NULL)
{
fluid_channel_set_preset(synth->channel[i], NULL);
}
}
}