From 86f64bf43f70ecefa9232f5b8621b179dfff52fd Mon Sep 17 00:00:00 2001 From: Nick Alcock Date: Thu, 25 Mar 2021 16:32:46 +0000 Subject: [PATCH] libctf, serialize: functions with no args have a NULL dtd_vlen Every place that accesses a function's dtd_vlen accesses it only if the number of args is nonzero, except the serializer, which always tries to memcpy it. The number of bytes it memcpys in this case is zero, but it is still undefined behaviour to copy zero bytes from a null pointer. So check for this case explicitly. libctf/ChangeLog 2021-03-25 Nick Alcock PR libctf/27628 * ctf-serialize.c (ctf_emit_type_sect): Allow for a NULL vlen in CTF_K_FUNCTION types. --- libctf/ChangeLog | 6 ++++++ libctf/ctf-serialize.c | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/libctf/ChangeLog b/libctf/ChangeLog index 909c4fc87b5..a9e76ecd7ca 100644 --- a/libctf/ChangeLog +++ b/libctf/ChangeLog @@ -1,3 +1,9 @@ +2021-03-25 Nick Alcock + + PR libctf/27628 + * ctf-serialize.c (ctf_emit_type_sect): Allow for a NULL vlen in + CTF_K_FUNCTION types. + 2021-03-25 Nick Alcock * ctf-dump.c (ctf_dump_format_type): Don't emit size or alignment diff --git a/libctf/ctf-serialize.c b/libctf/ctf-serialize.c index 0811b7b6efe..9f50280176c 100644 --- a/libctf/ctf-serialize.c +++ b/libctf/ctf-serialize.c @@ -849,7 +849,9 @@ ctf_emit_type_sect (ctf_dict_t *fp, unsigned char **tptr) break; case CTF_K_FUNCTION: - memcpy (t, dtd->dtd_vlen, sizeof (uint32_t) * (vlen + (vlen & 1))); + /* Functions with no args also have no vlen. */ + if (dtd->dtd_vlen) + memcpy (t, dtd->dtd_vlen, sizeof (uint32_t) * (vlen + (vlen & 1))); t += sizeof (uint32_t) * (vlen + (vlen & 1)); break; -- 2.30.2