commit 0fc5e2291f12e5d2a36b4c850747157fcc365682 from: Stefan Sperling date: Tue Nov 08 09:20:45 2022 UTC zero-initialize all of struct got_deflate_buf in got_deflate_init() Fixes a potential bogus free on error. got_deflate_end() relies on zb.flags to be initialized. It will try to free a bogus zb.outbuf pointer if zb.flags happens to set by uninitialized stack memory while we are calling got_deflate_end() in an error path.
commit - 08603e79bbb2bb6324cad8aa08311f2f47f8822d
commit + 0fc5e2291f12e5d2a36b4c850747157fcc365682
blob - 3ce3c75e0f8d23779fd0bd90f5d81d7953cf433e
blob + 143943dab41bdfa1c563424971a783ce73ec6ca1
--- lib/deflate.c
+++ lib/deflate.c
@@ -41,7 +41,7 @@ got_deflate_init(struct got_deflate_buf *zb, uint8_t *
 const struct got_error *err = NULL;
 int zerr;
- memset(&zb->z, 0, sizeof(zb->z));
+ memset(zb, 0, sizeof(*zb));
 zb->z.zalloc = Z_NULL;
 zb->z.zfree = Z_NULL;
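Review bot: The new `memset(zb, 0, sizeof(*zb));` carries an invariant that is stated only in the commit message: got_deflate_end() decides from zb.flags whether to free zb.outbuf, so every field has to be defined before any error path can reach it. A short comment above the call, e.g. `/* Zero the whole struct; got_deflate_end() reads zb->flags on error paths. */`, would keep a later cleanup from narrowing the memset back to `&zb->z`. The body of got_deflate_init() continues past the hunk, so the error paths are not visible here; it is worth confirming that none of them, and no caller, hands a got_deflate_buf to got_deflate_end() without it having passed through this memset first. Because the failure depended on whatever happened to be on the stack, a test build with pattern-initialized automatic variables (clang's `-ftrivial-auto-var-init=pattern`) or MemorySanitizer would make a regression of this kind show up deterministically.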