|
 |
9fc0f6 |
From 072cebc2c736bec33e90299b49d82976c12b5549 Mon Sep 17 00:00:00 2001
|
|
|
9fc0f6 |
From: Shawn Landden <shawn@churchofgit.com>
|
|
|
9fc0f6 |
Date: Mon, 16 Dec 2013 15:41:00 -0800
|
|
|
9fc0f6 |
Subject: [PATCH] journal: fix against (theoretical) undefined behavior
|
|
|
9fc0f6 |
|
|
|
9fc0f6 |
While all the libc implementations I know return NULL when memchr's size
|
|
|
9fc0f6 |
parameter is 0, without accessing any memory, passing NULL to memchr is
|
|
|
9fc0f6 |
still invalid:
|
|
|
9fc0f6 |
|
|
|
9fc0f6 |
C11 7.24.1p2: Where an argument declared as "size_t n" specifies the length
|
|
|
9fc0f6 |
of the array for a function, n can have the value zero on a call to that
|
|
|
9fc0f6 |
function. Unless explicitly stated otherwise in the description of a
|
|
|
9fc0f6 |
particular function in this subclause, pointer arguments on such a call
|
|
|
9fc0f6 |
shall still have valid values, as described in 7.1.4. On such a call, a
|
|
|
9fc0f6 |
function that locates a character finds no occurrence, a function that
|
|
|
9fc0f6 |
compares two character sequences returns zero, and a function that copies
|
|
|
9fc0f6 |
characters copies zero characters.
|
|
|
9fc0f6 |
|
|
|
9fc0f6 |
see http://llvm.org/bugs/show_bug.cgi?id=18247
|
|
|
9fc0f6 |
---
|
|
|
9fc0f6 |
src/journal/journal-file.c | 5 ++++-
|
|
|
9fc0f6 |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
9fc0f6 |
|
|
|
9fc0f6 |
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
|
|
|
9fc0f6 |
index ebf72f3..2c0fd0c 100644
|
|
|
9fc0f6 |
--- a/src/journal/journal-file.c
|
|
|
9fc0f6 |
+++ b/src/journal/journal-file.c
|
|
|
9fc0f6 |
@@ -1010,7 +1010,10 @@ static int journal_file_append_data(
|
|
|
9fc0f6 |
if (r < 0)
|
|
|
9fc0f6 |
return r;
|
|
|
9fc0f6 |
|
|
|
9fc0f6 |
- eq = memchr(data, '=', size);
|
|
|
9fc0f6 |
+ if (!data)
|
|
|
9fc0f6 |
+ eq = NULL;
|
|
|
9fc0f6 |
+ else
|
|
|
9fc0f6 |
+ eq = memchr(data, '=', size);
|
|
|
9fc0f6 |
if (eq && eq > data) {
|
|
|
9fc0f6 |
uint64_t fp;
|
|
|
9fc0f6 |
Object *fo;
|