mirror/guile
mirror/guile
1
Fork 0
mirror of https://git.savannah.gnu.org/git/guile.git synced 2025-04-30 03:40:34 +02:00
Code Activity

Avoid passing NULL to 'memcpy' and 'memcmp'.

Browse source 
Reported by Jeffrey Walton <noloader@gmail.com> in
<https://lists.gnu.org/archive/html/guile-devel/2019-03/msg00001.html>.

Note that C11 section 7.1.4 (Use of library functions) states that:
"unless explicitly stated otherwise in the detailed descriptions [of
library functions] that follow: If an argument to a function has an
invalid value (such as ... a null pointer ...) ..., the behavior is
undefined."  Note that 'strxfrm' is an example of a standard C function
that explicitly states otherwise, allowing NULL to be passed in the
first argument if the size argument is zero, but no similar allowance is
specified for 'memcpy' or 'memcmp'.

* libguile/bytevectors.c (scm_uniform_array_to_bytevector): Call memcpy
only if 'byte_len' is non-zero.
* libguile/srfi-14.c (charsets_equal): Call memcmp only if the number of
ranges is non-zero.
* libguile/stime.c (setzone): Pass 1-character buffer to
'scm_to_locale_stringbuf', instead of NULL.
* libguile/strings.c (scm_to_locale_stringbuf): Call memcpy only if the
number of bytes to copy is non-zero.
This commit is contained in:
Mark H Weaver 2019-04-01 22:11:35 -04:00
parent 275c96dd1f
commit 6b1de860ab
4 changed files with 24 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

11
libguile/strings.c
View file

@ -1,5 +1,5 @@
/* Copyright (C) 1995, 1996, 1998, 2000, 2001, 2004, 2006,
* 2008-2016, 2018 Free Software Foundation, Inc.
* 2008-2016, 2018, 2019 Free Software Foundation, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
@ -2283,13 +2283,18 @@ scm_to_stringn (SCM str, size_t *lenp, const char *encoding,
size_t
scm_to_locale_stringbuf (SCM str, char *buf, size_t max_len)
{
size_t len;
size_t len, copy_len;
char *result = NULL;
if (!scm_is_string (str))
scm_wrong_type_arg_msg (NULL, 0, str, "string");
result = scm_to_locale_stringn (str, &len);
memcpy (buf, result, (len > max_len) ? max_len : len);
copy_len = (len > max_len) ? max_len : len;
if (copy_len != 0)
/* Some users of 'scm_to_locale_stringbuf' may pass NULL for buf
when max_len is zero, and yet we must avoid passing NULL to
memcpy to avoid undefined behavior. */
memcpy (buf, result, copy_len);
free (result);
scm_remember_upto_here_1 (str);