CVE-2017-5979

diff --git a/zzip/fseeko.c b/zzip/fseeko.c
index ba19b436fb0cdf5d57309731ff1297ed633f245b..d3eb42ddce665ea93fb2a9be3af8865da729950b 100644 (file)
--- a/zzip/fseeko.c
+++ b/zzip/fseeko.c
@@ -319,7 +319,7 @@ zzip_entry_findfirst(FILE * disk)
     }
     /* we read out chunks of 8 KiB in the hope to match disk granularity */
     ___ zzip_off_t pagesize = PAGESIZE; /* getpagesize() */
-    ___ ZZIP_ENTRY *entry = malloc(sizeof(*entry));
+    ___ ZZIP_ENTRY *entry = calloc(1, sizeof(*entry));
     if (! entry)
         goto error0; /* ENOMEM */
     ___ unsigned char *buffer = malloc(pagesize);