summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarko Mäkelä <marko.makela@mariadb.com>2020-09-23 12:47:49 +0300
committerMarko Mäkelä <marko.makela@mariadb.com>2020-09-23 12:47:49 +0300
commit7c5519c12d46ead947d341cbdcbb6fbbe4d4fe1b (patch)
tree005b12e21b8c38e7bac3aca5042f1145e28acc30
parent70960bd33d2699bc96821ec0a0381ca6de86e93e (diff)
downloadmariadb-git-7c5519c12d46ead947d341cbdcbb6fbbe4d4fe1b.tar.gz
MDEV-22387: Do not violate __attribute__((nonnull))
Passing a null pointer to a nonnull argument is not only undefined behaviour, but it also grants the compiler the permission to optimize away further checks whether the pointer is null. GCC -O2 at least starting with version 8 may do that, potentially causing SIGSEGV.
-rw-r--r--sql/protocol.cc8
-rw-r--r--sql/sql_string.cc2
-rw-r--r--strings/ctype-mb.c6
3 files changed, 10 insertions, 6 deletions
diff --git a/sql/protocol.cc b/sql/protocol.cc
index aa795b9d12a..de6d1b96f76 100644
--- a/sql/protocol.cc
+++ b/sql/protocol.cc
@@ -1,5 +1,5 @@
/* Copyright (c) 2000, 2012, Oracle and/or its affiliates.
- Copyright (c) 2008, 2012, Monty Program Ab
+ Copyright (c) 2008, 2020, MariaDB Corporation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -58,7 +58,8 @@ bool Protocol_binary::net_store_data(const uchar *from, size_t length)
packet->realloc(packet_length+9+length))
return 1;
uchar *to= net_store_length((uchar*) packet->ptr()+packet_length, length);
- memcpy(to,from,length);
+ if (length)
+ memcpy(to,from,length);
packet->length((uint) (to+length-(uchar*) packet->ptr()));
return 0;
}
@@ -715,7 +716,8 @@ void net_send_progress_packet(THD *thd)
uchar *net_store_data(uchar *to, const uchar *from, size_t length)
{
to=net_store_length_fast(to,length);
- memcpy(to,from,length);
+ if (length)
+ memcpy(to,from,length);
return to+length;
}
diff --git a/sql/sql_string.cc b/sql/sql_string.cc
index 177d2a77d09..b79ca82698b 100644
--- a/sql/sql_string.cc
+++ b/sql/sql_string.cc
@@ -826,7 +826,7 @@ int sortcmp(const String *s,const String *t, CHARSET_INFO *cs)
int stringcmp(const String *s,const String *t)
{
uint32 s_len=s->length(),t_len=t->length(),len=MY_MIN(s_len,t_len);
- int cmp= memcmp(s->ptr(), t->ptr(), len);
+ int cmp= len ? memcmp(s->ptr(), t->ptr(), len) : 0;
return (cmp) ? cmp : (int) (s_len - t_len);
}
diff --git a/strings/ctype-mb.c b/strings/ctype-mb.c
index 3bcd29bbb8b..cabc940065b 100644
--- a/strings/ctype-mb.c
+++ b/strings/ctype-mb.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2000, 2014, Oracle and/or its affiliates.
- Copyright (c) 2009, 2014, SkySQL Ab.
+ Copyright (c) 2009, 2020, MariaDB Corporation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -407,7 +407,9 @@ my_copy_fix_mb(CHARSET_INFO *cs,
src, src + src_length,
nchars, status);
DBUG_ASSERT(well_formed_nchars <= nchars);
- memmove(dst, src, (well_formed_length= status->m_source_end_pos - src));
+ well_formed_length= status->m_source_end_pos - src;
+ if (well_formed_length)
+ memmove(dst, src, well_formed_length);
if (!status->m_well_formed_error_pos)
return well_formed_length;