From aff10976fc7722b1174fc3dcce15bfe8ebdfcbcd Mon Sep 17 00:00:00 2001
From: John Millikin
Date: Mon, 16 Oct 2017 12:05:21 -0700
Subject: Fix undefined memory management found by Clang's sanitizers.
See https://github.com/google/protobuf/issues/3752 for context.
---
 src/google/protobuf/descriptor.cc | 6 ++++--
 src/google/protobuf/text_format.cc | 10 ++++++----
 src/google/protobuf/util/json_util.cc | 8 +++++---
 src/google/protobuf/util/json_util.h | 2 +-
 4 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/src/google/protobuf/descriptor.cc b/src/google/protobuf/descriptor.cc
index 58829560..3f54b848 100644
--- a/src/google/protobuf/descriptor.cc
+++ b/src/google/protobuf/descriptor.cc
@@ -4309,8 +4309,10 @@ FileDescriptor* DescriptorBuilder::BuildFileImpl(
 result->dependencies_once_ = tables_->AllocateOnceDynamic();
 result->dependencies_names_ = tables_->AllocateArray(proto.dependency_size());
- memset(result->dependencies_names_, 0, sizeof(*result->dependencies_names_) * proto.dependency_size());
+ if (proto.dependency_size() > 0) {
+ memset(result->dependencies_names_, 0, sizeof(*result->dependencies_names_) * proto.dependency_size());
+ }
 } else {
 result->dependencies_once_ = NULL;
 result->dependencies_names_ = NULL;
diff --git a/src/google/protobuf/text_format.cc b/src/google/protobuf/text_format.cc
index 2ea97785..eed2a768 100644
--- a/src/google/protobuf/text_format.cc
+++ b/src/google/protobuf/text_format.cc
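Review bot: The new guard in BuildFileImpl silences the sanitizer but leaves no hint why a zero-length memset had to be skipped, so a later cleanup is likely to fold it back into an unconditional call. The reason is presumably that AllocateArray hands back NULL for a zero-element request, and passing NULL to memset is undefined behaviour even when the length is 0 — the optimizer is then entitled to assume dependencies_names_ is non-null and drop later null checks. I would put that on the `if`: `// AllocateArray() can return NULL for 0 elements; memset(NULL, 0, 0) is UB.` BuildFileImpl starts and ends outside this hunk.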
@@ -1244,10 +1244,12 @@ class TextFormat::Printer::TextGenerator
 while (size > buffer_size_) {
 // Data exceeds space in the buffer. Copy what we can and request a
 // new buffer.
- memcpy(buffer_, data, buffer_size_);
- data += buffer_size_;
- size -= buffer_size_;
- void* void_buffer;
+ if (buffer_size_ > 0) {
+ memcpy(buffer_, data, buffer_size_);
+ data += buffer_size_;
+ size -= buffer_size_;
+ }
+ void* void_buffer = NULL;
 failed_ = !output_->Next(&void_buffer, &buffer_size_);
 if (failed_) return;
 buffer_ = reinterpret_cast(void_buffer);
diff --git a/src/google/protobuf/util/json_util.cc b/src/google/protobuf/util/json_util.cc
index c85f1899..ce3569ce 100644
--- a/src/google/protobuf/util/json_util.cc
+++ b/src/google/protobuf/util/json_util.cc
@@ -61,9 +61,11 @@ void ZeroCopyStreamByteSink::Append(const char* bytes, size_t len) {
 buffer_size_ -= len;
 return;
 }
- memcpy(buffer_, bytes, buffer_size_);
- bytes += buffer_size_;
- len -= buffer_size_;
+ if (buffer_size_ > 0) {
+ memcpy(buffer_, bytes, buffer_size_);
+ bytes += buffer_size_;
+ len -= buffer_size_;
+ }
 if (!stream_->Next(&buffer_, &buffer_size_)) {
 // There isn't a way for ByteSink to report errors.
 buffer_size_ = 0;
diff --git a/src/google/protobuf/util/json_util.h b/src/google/protobuf/util/json_util.h
index f4f4380a..dee3ddba 100644
--- a/src/google/protobuf/util/json_util.h
+++ b/src/google/protobuf/util/json_util.h
@@ -179,7 +179,7 @@ namespace internal {
 class LIBPROTOBUF_EXPORT ZeroCopyStreamByteSink : public strings::ByteSink {
 public:
 explicit ZeroCopyStreamByteSink(io::ZeroCopyOutputStream* stream)
- : stream_(stream), buffer_size_(0) {}
+ : stream_(stream), buffer_(NULL), buffer_size_(0) {}
 ~ZeroCopyStreamByteSink();
 virtual void Append(const char* bytes, size_t len);
--
cgit v1.2.3
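Review bot: The same undocumented guard appears here in TextGenerator's write loop and in ZeroCopyStreamByteSink::Append in the json_util.cc hunk, and in neither place does anything explain that buffer_size_ can legitimately be 0: as far as I recall the ZeroCopyOutputStream contract lets Next() return a zero-size buffer, and memcpy into a NULL (or stale) buffer_ is undefined behaviour even for length 0, which is what the sanitizer flagged. A one-line comment on each `if (buffer_size_ > 0)` — `// Next() may return an empty buffer; memcpy on a NULL dest is UB even for size 0.` — would keep the guard from being "simplified" away later. Stylistically, only the memcpy needs the guard; `data += buffer_size_;` and `size -= buffer_size_;` are no-ops when buffer_size_ is 0, so leaving them outside the block would make the guard's purpose visible (same for bytes/len in Append). The enclosing member function starts and ends outside the hunk.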
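Review bot: The added `buffer_(NULL)` establishes an invariant — buffer_ and buffer_size_ are NULL/0 until stream_->Next() fills them in from Append — that is not written down at the member declarations, which lie outside this hunk. Since the new `buffer_size_ > 0` guard in json_util.cc relies on exactly this pairing, I would document it where the members are declared: `// Current chunk obtained from stream_->Next(); NULL/0 before the first successful Next().` The class body continues outside the hunk.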