diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-01 21:57:41 -0500 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-02-11 13:07:02 -0500 |
commit | 75f32f047cc380bdb648faf3ee277f7dc3cdd007 (patch) | |
tree | 62f5383768643896e2dfe2788c2bcd0933c19ab4 /src/basic | |
parent | 8cd095cc2724dac7523eda400522bbda41219d43 (diff) |
Add memcpy_safe
ISO/IEC 9899:1999 §7.21.1/2 says:
Where an argument declared as size_t n specifies the length of the array
for a function, n can have the value zero on a call to that
function. Unless explicitly stated otherwise in the description of a
particular function in this subclause, pointer arguments on such a call
shall still have valid values, as described in 7.1.4.
In base64_append_width memcpy was called as memcpy(x, NULL, 0). GCC 4.9
started making use of this and assumes This worked fine under -O0, but
does something strange under -O3.
This patch fixes a bug in base64_append_width(), fixes a possible bug in
journal_file_append_entry_internal(), and makes use of the new function
to simplify the code in other places.
Diffstat (limited to 'src/basic')
-rw-r--r-- | src/basic/hexdecoct.c | 3 | ||||
-rw-r--r-- | src/basic/util.h | 10 |
2 files changed, 12 insertions, 1 deletions
diff --git a/src/basic/hexdecoct.c b/src/basic/hexdecoct.c index f30e028f45..cbd97a1b69 100644 --- a/src/basic/hexdecoct.c +++ b/src/basic/hexdecoct.c @@ -27,6 +27,7 @@ #include "alloc-util.h" #include "hexdecoct.h" #include "macro.h" +#include "util.h" char octchar(int x) { return '0' + (x & 7); @@ -574,7 +575,7 @@ static int base64_append_width(char **prefix, int plen, if (!t) return -ENOMEM; - memcpy(t + plen, sep, slen); + memcpy_safe(t + plen, sep, slen); for (line = 0, s = t + plen + slen, avail = len; line < lines; line++) { int act = MIN(width, avail); diff --git a/src/basic/util.h b/src/basic/util.h index 76a06822b7..b7bad76212 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -104,6 +104,16 @@ static inline void qsort_safe(void *base, size_t nmemb, size_t size, comparison_ qsort(base, nmemb, size, compar); } +/** + * Normal memcpy requires src to be nonnull. We do nothing if n is 0. + */ +static inline void memcpy_safe(void *dst, const void *src, size_t n) { + if (n == 0) + return; + assert(src); + memcpy(dst, src, n); +} + int on_ac_power(void); #define memzero(x,l) (memset((x), 0, (l))) |