On Thu, 24 Aug 2017 11:41:31 +0200
Phil Sutter <p...@nwl.cc> wrote:

> Both addattr_l() and rta_addattr_l() may be called with NULL data
> pointer and 0 alen parameters. Avoid calling memcpy() in that case.
> 
> Signed-off-by: Phil Sutter <p...@nwl.cc>
> ---
>  lib/libnetlink.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> index 874e660be7eb4..fbe719ee10449 100644
> --- a/lib/libnetlink.c
> +++ b/lib/libnetlink.c
> @@ -871,7 +871,8 @@ int addattr_l(struct nlmsghdr *n, int maxlen, int type, 
> const void *data,
>       rta = NLMSG_TAIL(n);
>       rta->rta_type = type;
>       rta->rta_len = len;
> -     memcpy(RTA_DATA(rta), data, alen);
> +     if (alen)
> +             memcpy(RTA_DATA(rta), data, alen);
>       n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
>       return 0;
>  }
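Review bot: the `if (alen)` guard in addattr_l() tests only the length, so a call with a NULL data pointer and a non-zero alen still reaches `memcpy(RTA_DATA(rta), data, alen)`. The commit message only covers NULL together with 0, so either state that contract in a comment above the guard or reject the NULL-with-length case with an error return before rta_type and rta_len are written, rather than leaving it to memcpy().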
> @@ -958,7 +959,8 @@ int rta_addattr_l(struct rtattr *rta, int maxlen, int 
> type,
>       subrta = (struct rtattr *)(((char *)rta) + RTA_ALIGN(rta->rta_len));
>       subrta->rta_type = type;
>       subrta->rta_len = len;
> -     memcpy(RTA_DATA(subrta), data, alen);
> +     if (alen)
> +             memcpy(RTA_DATA(subrta), data, alen);
>       rta->rta_len = NLMSG_ALIGN(rta->rta_len) + RTA_ALIGN(len);
>       return 0;
>  }
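Review bot: the `if (alen)` guard in rta_addattr_l() carries no comment, and it looks redundant to anyone who assumes a zero-length memcpy() is always harmless. A one-line comment saying that data may be NULL when alen is 0, and that passing a null pointer to memcpy() is undefined even for a zero length, would keep a later cleanup from removing it. Since both functions now repeat the identical guarded copy, a small shared helper would also be an option.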

Ok, applied. You never know when GCC language experts might decide
to exploit undefined behavior.
