From 13ccd1c4db4c3f26354530c3212b35462a002e06 Mon Sep 17 00:00:00 2001 From: Pekka Paalanen Date: Tue, 13 Jul 2021 13:19:48 +0300 Subject: [PATCH] wayland-util: avoid memcpy(NULL) in wl_array_copy() The problem was found running Weston, with both Weston and Wayland built with ASan: ../../git/wayland/src/wayland-util.c:150:2: runtime error: null pointer passed as argument 1, which is declared to never be null ../../git/wayland/src/wayland-util.c:150:2: runtime error: null pointer passed as argument 2, which is declared to never be null This turns out to be caused by copying an empty array into an empty array. That seems to be a completely valid thing to do, and wl_array_init() initializes the pointers to NULL and size to zero. Copying initialized arrays must always be valid. The errors are caused by calling memcpy() with NULL pointers. It doesn't explode, because also the size is zero. Fix the problem by calling memcpy() only if size is not zero. This should keep things like copying an empty array into a non-empty array working. Signed-off-by: Pekka Paalanen --- src/wayland-util.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/wayland-util.c b/src/wayland-util.c index d5973bf..47d0bae 100644 --- a/src/wayland-util.c +++ b/src/wayland-util.c @@ -147,7 +147,9 @@ wl_array_copy(struct wl_array *array, struct wl_array *source) array->size = source->size; } - memcpy(array->data, source->data, source->size); + if (source->size > 0) + memcpy(array->data, source->data, source->size); + return 0; } -- 2.7.4
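Review bot: the new `if (source->size > 0)` guard in wl_array_copy() is correct but undocumented in the code itself; the rationale (passing NULL to memcpy() is undefined behaviour in C even when the length is zero, which is what the sanitizer reported) lives only in the commit message, so a one-line comment above the branch would prevent a later cleanup from folding the guard back into an unconditional memcpy(). Note also that the guard checks only the size, not `source->data`; it relies on the invariant that a wl_array with size > 0 always has non-NULL data, which holds for arrays managed through wl_array_init()/wl_array_add() but is worth stating in the comment. The added blank line before `return 0;` is a style-only change and could be dropped to keep the diff minimal.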