nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 09:27:59 +00:00
Code Issues Projects Releases Wiki Activity

Fix undefined behaviour in safegrowarray.

Browse Source 
UBsan points out that if the input pointer is NULL, we'll pass it to
memcpy, which is technically illegal by the C standard _even_ if the
length you pass with it is zero.

(cherry picked from commit 88d5948ead)
This commit is contained in:
Simon Tatham 2020-01-21 20:04:15 +00:00
parent ae84c959ac
commit 2c66217af8
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
memory.c
View File

@ -121,9 +121,11 @@ void *safegrowarray(void *ptr, size_t *allocated, size_t eltsize,
void *toret; void *toret;
if (secret) { if (secret) {
toret = safemalloc(newsize, eltsize, 0); toret = safemalloc(newsize, eltsize, 0);
memcpy(toret, ptr, oldsize * eltsize); if (oldsize) {
smemclr(ptr, oldsize * eltsize); memcpy(toret, ptr, oldsize * eltsize);
sfree(ptr); smemclr(ptr, oldsize * eltsize);
sfree(ptr);
}
} else { } else {
toret = saferealloc(ptr, newsize, eltsize); toret = saferealloc(ptr, newsize, eltsize);
} }