From e3e7189c11d909199155327fd6a93dcc6b68c7b3 Mon Sep 17 00:00:00 2001
From: Rich Felker
Date: Sat, 11 Sep 2021 21:21:43 -0400
Subject: fix undefined behavior in getdelim via null pointer arithmetic and memcpy both passing a null pointer to memcpy with length 0, and adding 0 to a null pointer, are undefined. in some sense this is 'benign' UB, but having it precludes use of tooling that strictly traps on UB. there may be better ways to fix it, but conditioning the operations which are intended to be no-ops in the k==0 case on k being nonzero is a simple and safe solution.
---
 src/stdio/getdelim.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
(limited to 'src')
diff --git a/src/stdio/getdelim.c b/src/stdio/getdelim.c
index d2f5b15a..df114441 100644
--- a/src/stdio/getdelim.c
+++ b/src/stdio/getdelim.c
@@ -55,9 +55,11 @@ ssize_t getdelim(char **restrict s, size_t *restrict n, int delim, FILE *restric
 *s = tmp;
 *n = m;
 }
- memcpy(*s+i, f->rpos, k);
- f->rpos += k;
- i += k;
+ if (k) {
+ memcpy(*s+i, f->rpos, k);
+ f->rpos += k;
+ i += k;
+ }
 if (z) break;
 if ((c = getc_unlocked(f)) == EOF) {
 if (!i || !feof(f)) {
-- cgit 1.4.1
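Review bot: The new `if (k)` guard has no comment, so in the file it reads like a micro-optimisation that a later cleanup could remove, bringing back the null-pointer `memcpy` and `+= 0` arithmetic the commit message describes. A one-line comment above the guard would keep the reason next to the code, for example `/* k==0: pointers may be null here; memcpy and ptr+0 on null are UB */`. Which of `*s` and `f->rpos` can actually be null at this point is not visible in the hunk, so the wording should be confirmed against the rest of getdelim, whose body starts and ends outside the hunk. Since the stated motivation is tooling that traps on UB, a regression test run under such a sanitizer that hits the zero-length case would pin the behaviour.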