[gjs: 4/6] arg: Prevent null pointer access in zero-length array case
- From: Cosimo Cecchi <cosimoc src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gjs: 4/6] arg: Prevent null pointer access in zero-length array case
- Date: Fri, 2 Aug 2019 16:44:29 +0000 (UTC)
commit 8403892e778f76728e06c66173aa5fcd1c8f6883
Author: Philip Chimento <philip endlessm com>
Date: Wed Jul 31 15:34:08 2019 -0700
arg: Prevent null pointer access in zero-length array case

gjs_array_to_explicit_array_internal() may return null for the contents
of the array if the returned length is also zero.

g_array_append_vals(), g_byte_array_append(), and memcpy() may not take
null pointers for the source data. It looks like it was assumed that
they would do the right thing (i.e. nothing) if the length of the source
data was 0, but that's apparently not guaranteed. Instead, check for
null and skip the operation if it's the case.

Caught by Clang static analyzer (at least, the memcpy() case was.)

gi/arg.cpp | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
---
diff --git a/gi/arg.cpp b/gi/arg.cpp
index d8e61946..1b2be888 100644
--- a/gi/arg.cpp
+++ b/gi/arg.cpp
@@ -1970,7 +1970,8 @@ _Pragma("GCC diagnostic pop")
if (!array)
wrong = true;
else {
- g_array_append_vals(array, data, length);
+ if (data)
+ g_array_append_vals(array, data, length);
arg->v_pointer = array;
}
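Review bot: The new `if (data)` guard in the GArray branch tests only the pointer, so a null `data` paired with a nonzero `length` would skip the append and still store an empty array in `arg->v_pointer`, without taking the `wrong = true` path. The commit message says null contents only occur together with a zero length; consider making that assumption explicit, for example by asserting `data || length == 0` before the append, so a violated invariant is caught instead of silently yielding a short array.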
@@ -1978,7 +1979,9 @@ _Pragma("GCC diagnostic pop")
} else if (array_type == GI_ARRAY_TYPE_BYTE_ARRAY) {
GByteArray *byte_array = g_byte_array_sized_new(length);
- g_byte_array_append(byte_array, (const guint8 *) data, length);
+ if (data)
+ g_byte_array_append(byte_array,
+ static_cast<const uint8_t*>(data), length);
arg->v_pointer = byte_array;
g_free(data);
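Review bot: In the GByteArray branch the cast changes from `(const guint8 *)` to `static_cast<const uint8_t*>` on the same line as the null fix, and the commit message does not mention it. g_byte_array_append() is declared with `const guint8 *`, so either keep `guint8` in the cast or note the type cleanup in the message. The same applies to the `sizeof(gpointer)` to `sizeof(void*)` change in the GPtrArray branch.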
@@ -1986,7 +1989,8 @@ _Pragma("GCC diagnostic pop")
GPtrArray *array = g_ptr_array_sized_new(length);
g_ptr_array_set_size(array, length);
- memcpy(array->pdata, data, sizeof(gpointer) * length);
+ if (data)
+ memcpy(array->pdata, data, sizeof(void*) * length);
arg->v_pointer = array;
g_free(data);
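Review bot: The `if (data)` before memcpy() in the GPtrArray branch is the third copy of the same guard, and the reason for it is recorded only in the commit message. A one-line comment here, or at the call that fills `data`, saying that a zero-length array can come back with null contents would keep a later cleanup from dropping the check as redundant. The unconditional `g_free(data)` that follows is fine, since g_free() accepts null.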