[Bug 788548] New: Function parameter assigned the address of a local auto-variable in function id3v2_frames_to_tag_list

[GStreamer (GNOME Bugzilla)]

https://bugzilla.gnome.org/show_bug.cgi?id=788548

            Bug ID: 788548
           Summary: Function parameter assigned the address of a local
                    auto-variable in function id3v2_frames_to_tag_list
    Classification: Platform
           Product: GStreamer
           Version: 1.12.3
                OS: All
            Status: NEW
          Severity: minor
          Priority: Normal
         Component: gst-plugins-base
          Assignee: gstreamer-bugs at lists.freedesktop.org
          Reporter: kr.ashish at samsung.com
        QA Contact: gstreamer-bugs at lists.freedesktop.org
     GNOME version: ---

In 
File : id3v2.c
Function : static gboolean id3v2_frames_to_tag_list (ID3TagsWorking * work,
guint size)

Line No. 574
In statement 
 work->frame_id = frame_id;

Function parameter work->frame_id of type gchar * (pointer) is assigned local
auto-variable frame_id which is defined as

Line No. 477: gchar frame_id[5] = "";

Function parameter is assigned the address of a local auto-variable. Local
auto-variables are reserved from the stack which is freed when the function
ends. The address is invalid after the function ends and it might 'leak' from
the function through the parameter.

Solution: frame_id should be initialized as below :-

gchar *frame_id = g_malloc (5*sizeof(gchar));


Please let me know if I can submit a patch for the issue.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.