Properly initialize deflate_state instance

Fix use of uninitialized memory reported by oss-fuzz
(and confirmed by valgrind@aarch64) by properly setting deflate_state
internal member (i.e. s->prev) to a valid value before use.

For details, see:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360

Bug: 1032721
Change-Id: I6c7b2e87e81b8ccc6c39298fd3c704befd797b96
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2015667
Commit-Queue: Adenilson Cavalcanti <cavalcantii@chromium.org>
Reviewed-by: Chris Blume <cblume@chromium.org>
Reviewed-by: vikas soni <vikassoni@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#734278}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: 2d43e0d3369904d881e8519a69481226bba3394c

1 files changed, 4 insertions, 0 deletions

diff --git a/deflate.c b/deflate.c
index a39e627..58744b8 100644
--- a/deflate.c
+++ b/deflate.c
@@ -318,6 +318,10 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
                                  s->w_size + window_padding,
                                  2*sizeof(Byte));
     s->prev   = (Posf *)  ZALLOC(strm, s->w_size, sizeof(Pos));
+    /* Avoid use of uninitialized value, see:
+     * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
+     */
+    memset(s->prev, 0, s->w_size * sizeof(Pos));
     s->head   = (Posf *)  ZALLOC(strm, s->hash_size, sizeof(Pos));
 
     s->high_water = 0;      /* nothing written to s->window yet */