mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 22:45:39 +00:00
Code Issues Releases Wiki Activity

isc_buffer_*(): if source can be NULL, only call memmove() when length is non-zero

Browse Source 
Certain isc_buffer_*() functions might call memmove() with the second
argument (source) set to NULL and the third argument (length) set to 0.
While harmless, it triggers an ubsan warning:

    runtime error: null pointer passed as argument 2, which is declared to never be null

Modify all memmove() call sites in lib/isc/include/isc/buffer.h and
lib/isc/buffer.c which may potentially use NULL as the second argument
(source) so that memmove() is only called if the third argument (length)
is non-zero.
This commit is contained in:
Michał Kępień
2018-05-15 08:18:01 +02:00
parent 9bc6ba0be9
commit 6ddbca6f2b
3 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/isc/buffer.c
View File

@@ -59,7 +59,10 @@ isc_buffer_reinit(isc_buffer_t *b, void *base, unsigned int length) {
REQUIRE(base != NULL);
REQUIRE(!b->autore);
(void)memmove(base, b->base, b->length);
if (b->length > 0U) {
(void)memmove(base, b->base, b->length);
}
b->base = base;
b->length = length;
}
@@ -253,7 +256,9 @@ isc_buffer_compact(isc_buffer_t *b) {
src = isc_buffer_current(b);
length = isc_buffer_remaininglength(b);
(void)memmove(b->base, src, (size_t)length);
if (length > 0U) {
(void)memmove(b->base, src, (size_t)length);
}
if (b->active > b->current)
b->active -= b->current;
@@ -526,8 +531,10 @@ isc_buffer_copyregion(isc_buffer_t *b, const isc_region_t *r) {
}
if (r->length > available)
return (ISC_R_NOSPACE);
memmove(base, r->base, r->length);
b->used += r->length;
if (r->length > 0U) {
memmove(base, r->base, r->length);
b->used += r->length;
}
return (ISC_R_SUCCESS);
}