authorGravatar Florin Malita <fmalita@chromium.org>2018-06-14 13:56:53 -0400
committerGravatar Skia Commit-Bot <skia-commit-bot@chromium.org>2018-06-14 18:23:47 +0000
commit28f5dd8a4c8aa053f417bcf7f1da94daa8915ca9 (patch)
treed08702c8ad797b215c70e525b6b038d923b4342c /modules
parentfc792b8718cc30e9da62c9559b23c1baac3166bb (diff)
[skjson] Fix ASAN undefined behavior
ASAN opines that a nullptr memcpy dest is undefined behavior, even when n == 0. ASAN may be right. This doesn't occur internally, in the parser, but can be triggered with the DOM builder API (as do some tests currently). We could say "don't do that", but if someone wants to build an empty string/array/object, it's kind of awkward to force them to provide a valid source pointer instead of simply e.g. Array(nullptr, 0). So let's guard for this case to make ASAN happy. Change-Id: If12e39f5eb8b273f22bbb0b5fce3321bf6482173 Reviewed-on: https://skia-review.googlesource.com/134944 Reviewed-by: Mike Klein <mtklein@google.com> Commit-Queue: Florin Malita <fmalita@chromium.org>
Diffstat (limited to 'modules')
-rw-r--r--modules/skjson/src/SkJSON.cpp13
1 files changed, 9 insertions, 4 deletions
diff --git a/modules/skjson/src/SkJSON.cpp b/modules/skjson/src/SkJSON.cpp
index e0a8f4371c..64f1302a7e 100644
--- a/modules/skjson/src/SkJSON.cpp
+++ b/modules/skjson/src/SkJSON.cpp
@@ -82,9 +82,12 @@ static void* MakeVector(const void* src, size_t size, SkArenaAlloc& alloc) {
// The Ts are already in memory, so their size should be safe.
const auto total_size = sizeof(size_t) + size * sizeof(T) + extra_alloc_size;
auto* size_ptr = reinterpret_cast<size_t*>(alloc.makeBytesAlignedTo(total_size, kRecAlign));
- auto* data_ptr = reinterpret_cast<void*>(size_ptr + 1);
*size_ptr = size;
- memcpy(data_ptr, src, size * sizeof(T));
+
+ if (size) {
+ auto* data_ptr = reinterpret_cast<void*>(size_ptr + 1);
+ memcpy(data_ptr, src, size * sizeof(T));
+ }
return size_ptr;
}
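Review bot: The new `if (size)` guard in MakeVector only covers the empty case, so a null `src` paired with a non-zero `size` coming in through the DOM builder API still reaches `memcpy`. A debug check ahead of the guard, `SkASSERT(src || !size);`, would make that caller contract explicit. A short comment on the branch, such as `// memcpy with a null pointer is UB even when the length is 0.`, would also tell the next reader why it exists. The start of MakeVector is outside the hunk, so an equivalent check earlier in the body cannot be ruled out from here.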
@@ -121,8 +124,10 @@ StringValue::StringValue(const char* src, size_t size, SkArenaAlloc& alloc) {
this->init_tagged(Tag::kShortString);
auto* payload = this->cast<char>();
- memcpy(payload, src, size);
- payload[size] = '\0';
+ if (size) {
+ memcpy(payload, src, size);
+ payload[size] = '\0';
+ }
const auto len_tag = SkTo<char>(kMaxInlineStringSize - size);
// This technically overwrites the tag, but is safe because
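Review bot: With `payload[size] = '\0';` moved inside `if (size)`, an empty short string is NUL-terminated only if `init_tagged()` has already zeroed the inline storage, which this hunk does not show. Keeping the terminator write outside the guard, i.e. `if (size) { memcpy(payload, src, size); }` followed by `payload[size] = '\0';`, removes that dependency, since only the `memcpy` needs protection from a null `src`. If the zeroing is in fact guaranteed, a comment next to the guard saying so would be enough. The constructor continues past the end of the hunk.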