linma / rpms / iproute

Forked from rpms/iproute 4 years ago
Clone

Blame SOURCES/0116-lib-libnetlink-Don-t-pass-NULL-parameter-to-memcpy.patch

99be8f
From 8af39fdff4f966d00571bda2610eac8fae2f7482 Mon Sep 17 00:00:00 2001
99be8f
From: Andrea Claudi <aclaudi@redhat.com>
99be8f
Date: Mon, 29 Apr 2019 20:08:08 +0200
99be8f
Subject: [PATCH] lib/libnetlink: Don't pass NULL parameter to memcpy()
99be8f
99be8f
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1465646
99be8f
Upstream Status: iproute2.git commit 893deac4c43b5
99be8f
99be8f
commit 893deac4c43b57ae49f736ec050724b6de181062
99be8f
Author: Phil Sutter <phil@nwl.cc>
99be8f
Date:   Thu Aug 24 11:41:31 2017 +0200
99be8f
99be8f
    lib/libnetlink: Don't pass NULL parameter to memcpy()
99be8f
99be8f
    Both addattr_l() and rta_addattr_l() may be called with NULL data
99be8f
    pointer and 0 alen parameters. Avoid calling memcpy() in that case.
99be8f
99be8f
    Signed-off-by: Phil Sutter <phil@nwl.cc>
99be8f
---
99be8f
 lib/libnetlink.c | 6 ++++--
99be8f
 1 file changed, 4 insertions(+), 2 deletions(-)
99be8f
99be8f
diff --git a/lib/libnetlink.c b/lib/libnetlink.c
99be8f
index 75e20abf0b97f..ff26ddf50552b 100644
99be8f
--- a/lib/libnetlink.c
99be8f
+++ b/lib/libnetlink.c
99be8f
@@ -898,7 +898,8 @@ int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
99be8f
 	rta = NLMSG_TAIL(n);
99be8f
 	rta->rta_type = type;
99be8f
 	rta->rta_len = len;
99be8f
-	memcpy(RTA_DATA(rta), data, alen);
99be8f
+	if (alen)
99be8f
+		memcpy(RTA_DATA(rta), data, alen);
99be8f
 	n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
99be8f
 	return 0;
99be8f
 }
99be8f
@@ -985,7 +986,8 @@ int rta_addattr_l(struct rtattr *rta, int maxlen, int type,
99be8f
 	subrta = (struct rtattr *)(((char *)rta) + RTA_ALIGN(rta->rta_len));
99be8f
 	subrta->rta_type = type;
99be8f
 	subrta->rta_len = len;
99be8f
-	memcpy(RTA_DATA(subrta), data, alen);
99be8f
+	if (alen)
99be8f
+		memcpy(RTA_DATA(subrta), data, alen);
99be8f
 	rta->rta_len = NLMSG_ALIGN(rta->rta_len) + RTA_ALIGN(len);
99be8f
 	return 0;
99be8f
 }
99be8f
-- 
d30c09
2.21.0
99be8f