diff options
author | Demi Marie Obenour <demi@invisiblethingslab.com> | 2022-01-27 11:48:34 -0500 |
---|---|---|
committer | Michal Domonkos <mdomonko@redhat.com> | 2022-07-01 10:52:14 +0200 |
commit | 1123568f463c999bdafb6f97dc7d82a4d247da94 (patch) | |
tree | 80a54c0f20f42eb5e96ee1d75092c1e72d805a1c | |
parent | bca4e67db36edf467a146b5d208da3b1cfdaaef9 (diff) | |
download | rpm-1123568f463c999bdafb6f97dc7d82a4d247da94.tar.gz |
Avoid calling memcpy() on NULL
base2bin() would call memcpy() on NULL for empty fsverity signatures.
This is undefined behavior, even if the length is 0.
(cherry picked from commit 6d3ce1c96833e896f082df81c727687da130f416)
-rw-r--r-- | lib/rpmfi.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/rpmfi.c b/lib/rpmfi.c index 1f5ca7a20..d36263248 100644 --- a/lib/rpmfi.c +++ b/lib/rpmfi.c @@ -1626,8 +1626,10 @@ static uint8_t *base2bin(Header h, rpmTagVal tag, rpm_count_t num, int *len) t = bin = xcalloc(num, maxlen); for (i = 0; i < num; i++) { - memcpy(t, arr[i], lengths[i]); - free(arr[i]); + if (arr[i]) { + memcpy(t, arr[i], lengths[i]); + free(arr[i]); + } t += maxlen; } *len = maxlen; |