demux/xiph_metadata: memory leaks in vorbis_ParseComment on unexpected data
There are numerous potential leaks in vorbis_ParseComment
related to the usage of continue
without releasing allocated resources within the surrounding loop.
Below is an example (reproducable with the attached sample).
Direct leak of 28 byte(s) in 1 object(s) allocated from:
[#0](https://code.videolan.org/videolan/vlc/-/issues/0) 0x7f8820c77e60 in __interceptor_malloc /build/gcc-multilib/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:62
[#1](https://code.videolan.org/videolan/vlc/-/issues/1) 0x7f881f3eb1d9 in strndup (/usr/lib/libc.so.6+0x801d9)
[#2](https://code.videolan.org/videolan/vlc/-/issues/2) 0x7f88082d2056 in vorbis_ParseComment git/modules/demux/xiph_metadata.c:398
[#3](https://code.videolan.org/videolan/vlc/-/issues/3) 0x7f88082ce509 in ParseComment git/modules/demux/flac.c:651
[#4](https://code.videolan.org/videolan/vlc/-/issues/4) 0x7f88082ce509 in ReadMeta git/modules/demux/flac.c:575
[#5](https://code.videolan.org/videolan/vlc/-/issues/5) 0x7f88082ce509 in Open git/modules/demux/flac.c:151
[#6](https://code.videolan.org/videolan/vlc/-/issues/6) 0x7f8820558a31 in generic_start git/src/modules/modules.c:349
[#7](https://code.videolan.org/videolan/vlc/-/issues/7) 0x7f8820558c02 in module_load git/src/modules/modules.c:183
[#8](https://code.videolan.org/videolan/vlc/-/issues/8) 0x7f882055979a in vlc_module_load git/src/modules/modules.c:275
[#9](https://code.videolan.org/videolan/vlc/-/issues/9) 0x7f8820559f7a in module_need git/src/modules/modules.c:364
[#10](https://code.videolan.org/videolan/vlc/-/issues/10) 0x7f88205a1c04 in demux_NewAdvanced git/src/input/demux.c:259
[#11](https://code.videolan.org/videolan/vlc/-/issues/11) 0x7f88205c9cb8 in InputDemuxNew git/src/input/input.c:2359
[#12](https://code.videolan.org/videolan/vlc/-/issues/12) 0x7f88205c9cb8 in InputSourceNew git/src/input/input.c:2469
[#13](https://code.videolan.org/videolan/vlc/-/issues/13) 0x7f88205cf8a9 in Init git/src/input/input.c:1306
[#14](https://code.videolan.org/videolan/vlc/-/issues/14) 0x7f88205d3545 in Run git/src/input/input.c:486
[#15](https://code.videolan.org/videolan/vlc/-/issues/15) 0x7f881f710453 in start_thread (/usr/lib/libpthread.so.0+0x7453)
[#16](https://code.videolan.org/videolan/vlc/-/issues/16) 0x7f881f4537de in __GI___clone (/usr/lib/libc.so.6+0xe87de)
Objects leaked above:
0x60300005b3f0 (28 bytes)
The asan output is from latest vlc.git
, but the behavior is reproducible with vlc-2.2.git
as well.