buffer: do not pass NULL to memcpy() from evbuffer_pullup()

UBSAN reports:

  evbuffer/remove_buffer_with_empty3: ../buffer.c:1443:3: runtime error: null pointer passed as argument 2, which is declared to never be null
      #0 0x7ffff6cd0410 in evbuffer_pullup ../buffer.c:1443
      #1 0x5555556d68b9 in test_evbuffer_remove_buffer_with_empty3 ../test/regress_buffer.c:408
      #2 0x5555557b95ee in testcase_run_bare_ ../test/tinytest.c:173
      #3 0x5555557ba048 in testcase_run_one ../test/tinytest.c:333
      #4 0x5555557bc0f8 in tinytest_main ../test/tinytest.c:527
      #5 0x555555787702 in main ../test/regress_main.c:528
      #6 0x7ffff606c001 in __libc_start_main (/usr/lib/libc.so.6+0x27001)
      #7 0x55555569436d in _start (/src/le/libevent/.cmake-debug/bin/regress+0x14036d)

1 files changed, 5 insertions, 3 deletions

diff --git a/buffer.c b/buffer.c
index bcb246f6..121b37c0 100644
--- a/buffer.c
+++ b/buffer.c
@@ -1440,9 +1440,11 @@ evbuffer_pullup(struct evbuffer *buf, ev_ssize_t size)
 	for (; chain != NULL && (size_t)size >= chain->off; chain = next) {
 		next = chain->next;
 
-		memcpy(buffer, chain->buffer + chain->misalign, chain->off);
-		size -= chain->off;
-		buffer += chain->off;
+		if (chain->buffer) {
+			memcpy(buffer, chain->buffer + chain->misalign, chain->off);
+			size -= chain->off;
+			buffer += chain->off;
+		}
 		if (chain == last_with_data)
 			removed_last_with_data = 1;
 		if (&chain->next == buf->last_with_datap)