ref: 1bd200bc42dfee0751ecc1b38a2714de619261a1
parent: 24cb5eae37d11ad699b17b8add62573f156e96f6
author: Timothy B. Terriberry <[email protected]>
date: Tue Nov 6 06:41:11 EST 2018
Fix to avoid technically undefined behavior. The C standard says that calling library functions (including memcpy) with invalid arguments (including a NULL pointer) is undefined behavior unless otherwise noted (which memcpy doesn't). op_filter_read_native() invokes op_read_native() with NULL for the _pcm buffer, which triggers such a memcpy invocation. Even though it should be perfectly fine in practice to pass NULL to memcpy when copying zero bytes, don't do it. Thanks to a person who did not wish to be credited for the report.
--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -2818,10 +2818,16 @@
/*If we have buffered samples, return them.*/
if(nsamples>0){
if(nsamples*nchannels>_buf_size)nsamples=_buf_size/nchannels;
- memcpy(_pcm,_of->od_buffer+nchannels*od_buffer_pos,
- sizeof(*_pcm)*nchannels*nsamples);
- od_buffer_pos+=nsamples;
- _of->od_buffer_pos=od_buffer_pos;
+ /*Check nsamples again so we don't pass NULL to memcpy() if _buf_size
+ is zero.
+ That would technically be undefined behavior, even if the number of
+ bytes to copy were zero.*/
+ if(nsamples>0){
+ memcpy(_pcm,_of->od_buffer+nchannels*od_buffer_pos,
+ sizeof(*_pcm)*nchannels*nsamples);
+ od_buffer_pos+=nsamples;
+ _of->od_buffer_pos=od_buffer_pos;
+ }
if(_li!=NULL)*_li=_of->cur_link;
return nsamples;
}