

ref: 1bd200bc42dfee0751ecc1b38a2714de619261a1
parent: 24cb5eae37d11ad699b17b8add62573f156e96f6
author: Timothy B. Terriberry <[email protected]>
date: Tue Nov 6 06:41:11 EST 2018

Fix to avoid technically undefined behavior.

The C standard says that calling library functions (including
 memcpy) with invalid arguments (including a NULL pointer) is
 undefined behavior unless otherwise noted (which memcpy doesn't).
op_filter_read_native() invokes op_read_native() with NULL for the
 _pcm buffer, which triggers such a memcpy invocation.
Even though it should be perfectly fine in practice to pass NULL to
 memcpy when copying zero bytes, don't do it.

Thanks to a person who did not wish to be credited for the report.

--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -2818,10 +2818,16 @@
       /*If we have buffered samples, return them.*/
       if(nsamples>0){
         if(nsamples*nchannels>_buf_size)nsamples=_buf_size/nchannels;
-        memcpy(_pcm,_of->od_buffer+nchannels*od_buffer_pos,
-         sizeof(*_pcm)*nchannels*nsamples);
-        od_buffer_pos+=nsamples;
-        _of->od_buffer_pos=od_buffer_pos;
+        /*Check nsamples again so we don't pass NULL to memcpy() if _buf_size
+           is zero.
+          That would technically be undefined behavior, even if the number of
+           bytes to copy were zero.*/
+        if(nsamples>0){
+          memcpy(_pcm,_of->od_buffer+nchannels*od_buffer_pos,
+           sizeof(*_pcm)*nchannels*nsamples);
+          od_buffer_pos+=nsamples;
+          _of->od_buffer_pos=od_buffer_pos;
+        }
         if(_li!=NULL)*_li=_of->cur_link;
         return nsamples;
       }
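Review bot: The new comment on the inner `if(nsamples>0)` explains only the `_buf_size==0` case, but the clamp on the line above also drives `nsamples` to 0 whenever `0<_buf_size<nchannels`, so the guard turns an undersized buffer into a `return nsamples;` of 0 that a caller cannot tell from end-of-stream by the return value alone; the comment should say so, e.g. `/*The clamp above yields nsamples==0 when _buf_size<nchannels (including _buf_size==0, where _pcm may be NULL); skip the copy so memcpy() never sees a NULL pointer, and return 0 with *_li still set.*/`. Passing NULL to memcpy() is the only undefined behavior here — a non-NULL `_pcm` with a zero length was already well-defined — which is worth stating since the commit message ties the NULL to op_filter_read_native(), not to this hunk. The enclosing function starts before this hunk, so whether `nchannels` is guaranteed nonzero for the `_buf_size/nchannels` division is not visible here and is assumed from the surrounding code.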