gvariant: Fix a potential memcpy(NULL) call

This probably won’t crash, as it can only happen if (size == 0), but
add a check to be safe, and to shut up the static analyser.

This case can be reached with the following call:
    gvs_read_unaligned_le(NULL, 0)
which can be called from:
    gvs_tuple_get_child(value, index_)
with (value.data == NULL) and (value.size == 0).

Found by scan-build.

https://bugzilla.gnome.org/show_bug.cgi?id=715164
Philip Withnall 2013-11-25 13:50:20 +00:00
parent c9344fd513
commit c1d5db6186

@ -552,6 +552,7 @@ gvs_fixed_sized_array_is_normal (GVariantSerialised value)
* normal form and that is the one that the serialiser must produce.
*/
/* bytes may be NULL if (size == 0). */
static inline gsize
gvs_read_unaligned_le (guchar *bytes,
guint size)
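Review bot: The new comment above gvs_read_unaligned_le documents that bytes may be NULL when size is 0, but it does not say what the function returns in that case. Since tmpvalue.integer is zeroed before the copy, the result is 0; stating that in the comment (for example "bytes may be NULL if (size == 0), in which case 0 is returned") would let callers such as gvs_tuple_get_child rely on it without reading the body.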
@ -563,7 +564,8 @@ gvs_read_unaligned_le (guchar *bytes,
} tmpvalue;
tmpvalue.integer = 0;
memcpy (&tmpvalue.bytes, bytes, size);
if (bytes != NULL)
memcpy (&tmpvalue.bytes, bytes, size);
return GSIZE_FROM_LE (tmpvalue.integer);
}
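Review bot: The guard `if (bytes != NULL)` tests the pointer, while the comment and the commit message state the precondition in terms of size == 0. With this check, a NULL bytes passed together with a non-zero size silently returns 0 and hides the caller's bug. Consider guarding on `size > 0` instead, or keeping the NULL check and adding an assertion that bytes is non-NULL whenever size is non-zero, so the invalid combination is caught rather than masked.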