commit ae48d965d70cc721a3165c40ba0c34d95408e229
parent 7589336120a258cf75134a5243b2f6b1926ac85b
Author: Gregory Anders <8965202+gpanders@users.noreply.github.com>
Date: Mon, 15 Jan 2024 14:25:57 -0600
fix(coverity/477623,477624): guard null pointer dereference in kv_concat_len (#27022)
Coverity warns about a possible null pointer dereference in the `memcpy`
call in `kv_concat_len`. The `memcpy` follows `kv_ensure_space` which
(re)allocates the `items` pointer if the vector's capacity is not large
enough to contain all of the items being appended. The only way `items`
would be NULL at this point is if `capacity` were mistakenly set to some
large number without `items` ever having been set in the first place.
This should not happen when using the kvec API so if this condition is
ever false it is a bug, which the `assert` will catch.
Diffstat:
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/klib/kvec.h b/src/klib/kvec.h
@@ -105,11 +105,12 @@
} while (0)
#define kv_concat_len(v, data, len) \
- do { \
+ if (len > 0) { \
kv_ensure_space(v, len); \
+ assert((v).items); \
memcpy((v).items + (v).size, data, sizeof((v).items[0]) * len); \
(v).size = (v).size + len; \
- } while (0)
+ }
#define kv_concat(v, str) kv_concat_len(v, str, strlen(str))
#define kv_splice(v1, v0) kv_concat_len(v1, (v0).items, (v0).size)
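Review bot: Replacing the `do { … } while (0)` wrapper with a bare `if (len > 0) { … }` means `kv_concat_len` no longer expands to a single statement. A caller written as `if (c) kv_concat(v, s); else …` now fails to parse, because the trailing `;` becomes an empty statement between the block and the `else`. Nesting the guard inside the existing wrapper keeps the early-out without that hazard: open with `do { if ((len) > 0) { \` and close with `} } while (0)`. The new test is also one more unparenthesized expansion of `len`, so `kv_concat` now evaluates `strlen(str)` four times per call; a local `size_t` copy inside the block would avoid that. Separately, `assert((v).items)` is compiled out when `NDEBUG` is defined, so if release builds define it (not visible in this hunk) the `memcpy` is still unguarded there, and a comment on the macro saying the check is debug-only would make that explicit.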