RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 23:58:11 +00:00
Code Issues Activity Actions

DHCPClient: Fix undefined behaviour when calling memcpy() (#6416)

Browse source 
Calling memcpy with null pointers results in undefined behaviour, even
if count is zero.

This in turns is exploited by GCC. For example, the following code:
    memcpy (dst, src, n);
    if (!src)
      return;
    src[0] = 0xcafe;
will be optimized as:
    memcpy (dst, src, n);
    src[0] = 0xcafe;
IOW the test for NULL is gone.
This commit is contained in:
Georgiy Komarov 2021-04-17 21:49:22 +03:00 committed by GitHub
parent eedde500eb
commit f8c2beec7c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Userland/Services/DHCPClient/DHCPv4.h
View file

@ -277,7 +277,8 @@ public:
options[next_option_offset++] = (u8)option;
memcpy(options + next_option_offset, &length, 1);
next_option_offset++;
memcpy(options + next_option_offset, data, length);
if (data && length)
memcpy(options + next_option_offset, data, length);
next_option_offset += length;
}