Memory leak on vorbis-tools/vcut

Description

We found a memory leak error when using vorbis-tools/vcut to split the PoC file into two ogg format files.

It should be noted that vorbis-tools(version 1.4.0-11) downloaded through apt-get may also trigger this vulnerability, which may endanger the system security of Debian users.

Version

vcut from vorbis-tools 1.4.2 (the latest version).

Reference

https://github.com/xiph/vorbis-tools

https://xiph.org/vorbis/

Actual Behavior

Memory leak

PoC

vorbispoc2: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/vorbispoc2

Reproduction

git clone https://github.com/xiph/vorbis-tools.git
cd vorbis-tools
apt install automake libtool m4 autoconf libogg-dev libvorbis-dev
./autogen.sh
CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" CXXFLAGS=" -fsanitize=address -fno-omit-frame-pointer -g" ./configure
make

./vcut/vcut vorbispoc2 outfile1.ogg outfile2.ogg 0.5 +0.4

ASAN Log

=================================================================
==3117039==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7ffff7699a06 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
    #1 0x7ffff756eae8 in vorbis_synthesis_headerin (/lib/x86_64-linux-gnu/libvorbis.so.0+0x10ae8)

Direct leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x7ffff7699a06 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:153
    #1 0x7ffff756eaf8 in vorbis_synthesis_headerin (/lib/x86_64-linux-gnu/libvorbis.so.0+0x10af8)

SUMMARY: AddressSanitizer: 12 byte(s) leaked in 2 allocation(s).

Environment

ubuntu:20.04
gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.2)
clang version 10.0.0-4ubuntu1
afl-cc++4.09

Credit

Zeng Yunxiang ([Huazhong University of Science and Technology](http://cse.hust.edu.cn/))

xiph / vorbis-tools

Memory leak on vorbis-tools/vcut #42