commit fedfac2c387cf3b4cb9e3530c517197190dadc2c from: Stefan Sperling via: Thomas Adam date: Tue Nov 08 20:14:11 2022 UTC zero-initialize all of struct got_inflate_buf in got_inflate_init() Fixes a potential bogus free on error. got_inflate_end() relies on zb.flags to be initialized. It will try to free a bogus zb.outbuf pointer if zb.flags happens to set by uninitialized stack memory while we are calling got_inflate_end() in an error path.
commit - a7e9cbc61974b99b3f64f9ccdb4f6cc50c1ac639
commit + fedfac2c387cf3b4cb9e3530c517197190dadc2c
blob - 13f61a15fdd51b06f2a21329608ca238fff9f7c8
blob + 9440011aed7234a7fffaed90fe2fb8b55fb0d2c9
--- lib/inflate.c
+++ lib/inflate.c
@@ -43,7 +43,7 @@ got_inflate_init(struct got_inflate_buf *zb, uint8_t *
 const struct got_error *err = NULL;
 int zerr;
- memset(&zb->z, 0, sizeof(zb->z));
+ memset(zb, 0, sizeof(*zb));
 zb->z.zalloc = Z_NULL;
 zb->z.zfree = Z_NULL;