From 0362d6b374e4b10e324e09e750b88d6c6bc834d1 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Thu, 13 Apr 2017 07:59:08 -0700 Subject: ubsan fixes --- src/core/ext/census/context.c | 2 +- src/core/ext/census/resource.c | 4 +++- src/core/lib/channel/http_client_filter.c | 6 ++++-- test/core/end2end/fuzzers/api_fuzzer.c | 2 +- test/core/support/spinlock_test.c | 2 +- 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/core/ext/census/context.c b/src/core/ext/census/context.c index 0dfc4ecbf1..4195cb1c9b 100644 --- a/src/core/ext/census/context.c +++ b/src/core/ext/census/context.c @@ -200,7 +200,7 @@ static bool tag_set_add_tag(struct tag_set *tags, const census_tag *tag, // allocate new memory if needed tags->kvm_size += 2 * CENSUS_MAX_TAG_KV_LEN + TAG_HEADER_SIZE; char *new_kvm = gpr_malloc(tags->kvm_size); - memcpy(new_kvm, tags->kvm, tags->kvm_used); + if (tags->kvm_used > 0) memcpy(new_kvm, tags->kvm, tags->kvm_used); gpr_free(tags->kvm); tags->kvm = new_kvm; } diff --git a/src/core/ext/census/resource.c b/src/core/ext/census/resource.c index ed44f004f9..26ea1a8672 100644 --- a/src/core/ext/census/resource.c +++ b/src/core/ext/census/resource.c @@ -223,7 +223,9 @@ size_t allocate_resource(void) { if (n_resources == n_defined_resources) { size_t new_n_resources = n_resources ? n_resources * 2 : 2; resource **new_resources = gpr_malloc(new_n_resources * sizeof(resource *)); - memcpy(new_resources, resources, n_resources * sizeof(resource *)); + if (n_resources != 0) { + memcpy(new_resources, resources, n_resources * sizeof(resource *)); + } memset(new_resources + n_resources, 0, (new_n_resources - n_resources) * sizeof(resource *)); gpr_free(resources); diff --git a/src/core/lib/channel/http_client_filter.c b/src/core/lib/channel/http_client_filter.c index 4e47c5c658..255f5388aa 100644 --- a/src/core/lib/channel/http_client_filter.c +++ b/src/core/lib/channel/http_client_filter.c @@ -222,8 +222,10 @@ static void continue_send_message(grpc_exec_ctx *exec_ctx, while (grpc_byte_stream_next( exec_ctx, calld->send_op->payload->send_message.send_message, &calld->incoming_slice, ~(size_t)0, &calld->got_slice)) { - memcpy(wrptr, GRPC_SLICE_START_PTR(calld->incoming_slice), - GRPC_SLICE_LENGTH(calld->incoming_slice)); + if (GRPC_SLICE_LENGTH(calld->incoming_slice) > 0) { + memcpy(wrptr, GRPC_SLICE_START_PTR(calld->incoming_slice), + GRPC_SLICE_LENGTH(calld->incoming_slice)); + } wrptr += GRPC_SLICE_LENGTH(calld->incoming_slice); grpc_slice_buffer_add(&calld->slices, calld->incoming_slice); if (calld->send_length == calld->slices.length) { diff --git a/test/core/end2end/fuzzers/api_fuzzer.c b/test/core/end2end/fuzzers/api_fuzzer.c index a0acf5bf60..0ec5a23d5d 100644 --- a/test/core/end2end/fuzzers/api_fuzzer.c +++ b/test/core/end2end/fuzzers/api_fuzzer.c @@ -967,7 +967,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { break; } grpc_op *ops = gpr_malloc(sizeof(grpc_op) * num_ops); - memset(ops, 0, sizeof(grpc_op) * num_ops); + if (num_ops > 0) memset(ops, 0, sizeof(grpc_op) * num_ops); bool ok = true; size_t i; grpc_op *op; diff --git a/test/core/support/spinlock_test.c b/test/core/support/spinlock_test.c index c70e76c7ea..96055e9bd7 100644 --- a/test/core/support/spinlock_test.c +++ b/test/core/support/spinlock_test.c @@ -109,7 +109,7 @@ static void test(const char *name, void (*body)(void *m), int timeout_s, start, gpr_time_from_micros((int64_t)timeout_s * 1000000, GPR_TIMESPAN)); fprintf(stderr, "%s:", name); while (gpr_time_cmp(gpr_now(GPR_CLOCK_REALTIME), deadline) < 0) { - iterations <<= 1; + if (iterations < INT64_MAX / 2) iterations <<= 1; fprintf(stderr, " %ld", (long)iterations); m = test_new(10, iterations, incr_step); test_create_threads(m, body); -- cgit v1.2.3