You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2020/02/17 17:18:57 UTC
svn commit: r1874144 - /httpd/httpd/trunk/modules/dav/main/util.c
Author: jorton
Date: Mon Feb 17 17:18:57 2020
New Revision: 1874144
URL: http://svn.apache.org/viewvc?rev=1874144&view=rev
Log:
* module/dav/main/util.c (dav_check_bufsize): Don't call
memcpy(,NULL,0) if the buffer is uninitialized, to avoid tripping
UBSan. (Unclear if this is valid for this API.)
Modified:
httpd/httpd/trunk/modules/dav/main/util.c
Modified: httpd/httpd/trunk/modules/dav/main/util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?rev=1874144&r1=1874143&r2=1874144&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/dav/main/util.c (original)
+++ httpd/httpd/trunk/modules/dav/main/util.c Mon Feb 17 17:18:57 2020
@@ -101,6 +101,9 @@ DAV_DECLARE(dav_error*) dav_join_error(d
return dest;
}
+/* ### Unclear if this was designed to be used with an uninitialized
+ * dav_buffer struct, but is used on by dav_lock_get_activelock().
+ * Hence check for pbuf->buf. */
DAV_DECLARE(void) dav_check_bufsize(apr_pool_t * p, dav_buffer *pbuf,
apr_size_t extra_needed)
{
@@ -110,7 +113,8 @@ DAV_DECLARE(void) dav_check_bufsize(apr_
pbuf->alloc_len += extra_needed + DAV_BUFFER_PAD;
newbuf = apr_palloc(p, pbuf->alloc_len);
- memcpy(newbuf, pbuf->buf, pbuf->cur_len);
+ if (pbuf->buf)
+ memcpy(newbuf, pbuf->buf, pbuf->cur_len);
pbuf->buf = newbuf;
}
}