authorGregory Anders <8965202+gpanders@users.noreply.github.com>2024-01-15 14:25:57 -0600
committerGitHub <noreply@github.com>2024-01-15 14:25:57 -0600
commitae48d965d70cc721a3165c40ba0c34d95408e229 (patch)
tree7ebe40136025df78d7019d9aba333cfb65106bb0
parent7589336120a258cf75134a5243b2f6b1926ac85b (diff)
fix(coverity/477623,477624): guard null pointer dereference in kv_concat_len (#27022)
Coverity warns about a possible null pointer dereference in the `memcpy` call in `kv_concat_len`. The `memcpy` follows `kv_ensure_space` which (re)allocates the `items` pointer if the vector's capacity is not large enough to contain all of the items being appended. The only way `items` would be NULL at this point is if `capacity` were mistakenly set to some large number without `items` ever having been set in the first place. This should not happen when using the kvec API, so if this condition is ever false it is a bug, which the `assert` will catch.
-rw-r--r--src/klib/kvec.h5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/klib/kvec.h b/src/klib/kvec.h
index f9ecca3d55..a32b35a14c 100644
--- a/src/klib/kvec.h
+++ b/src/klib/kvec.h
@@ -105,11 +105,12 @@
} while (0)
#define kv_concat_len(v, data, len) \
- do { \
+ if (len > 0) { \
kv_ensure_space(v, len); \
+ assert((v).items); \
memcpy((v).items + (v).size, data, sizeof((v).items[0]) * len); \
(v).size = (v).size + len; \
- } while (0)
+ }
#define kv_concat(v, str) kv_concat_len(v, str, strlen(str))
#define kv_splice(v1, v0) kv_concat_len(v1, (v0).items, (v0).size)
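Review bot: The rewritten `kv_concat_len` drops the `do { … } while (0)` wrapper, so it now expands to a bare `if (len > 0) { … }`; as the body of an unbraced `if` with an `else`, the caller's `;` makes the `else` a syntax error, and without the `;` the `else` binds to the macro's own `if`. Keeping the wrapper and moving the guard inside it, `do { if ((len) > 0) { … } } while (0)`, keeps the macro usable as a single statement and parenthesizes `len`. The visible lines also expand `len` at least four times, so `kv_concat` re-evaluates `strlen(str)` each time, and an argument with side effects could give the space check and the `memcpy` different lengths; copying it once into a local `size_t` inside the block would keep the two in agreement. The added `assert((v).items)` only protects builds where `NDEBUG` is not defined, so it documents the invariant rather than enforcing it in release builds.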