From a77fda0cd4b9ec89024c7ac8a3f77797e00f4263 Mon Sep 17 00:00:00 2001
From: Gary Lockyer <gary@catalyst.net.nz>
Date: Thu, 6 Jun 2019 14:57:45 +1200
Subject: lib tdb: memcmp ubsan warning

Fix the ubsan warning

lib/tdb/common/tdb.c:184:9: runtime error: null pointer passed as
argument 2, which is declared to never be null"

memcmp call now guarded by a length check.

memcmp returns zero when called with a zero length parameter.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jul  1 14:50:54 UTC 2019 on sn-devel-184
---
 lib/tdb/common/tdb.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'lib/tdb')

diff --git a/lib/tdb/common/tdb.c b/lib/tdb/common/tdb.c
index 9c80a36e00a..c56b37be5ca 100644
--- a/lib/tdb/common/tdb.c
+++ b/lib/tdb/common/tdb.c
@@ -180,12 +180,14 @@ static int tdb_update_hash_cmp(TDB_DATA key, TDB_DATA data, void *private_data)
 
 	for (i=0; i<state->num_dbufs; i++) {
 		TDB_DATA dbuf = state->dbufs[i];
-		int ret;
-		ret = memcmp(dptr, dbuf.dptr, dbuf.dsize);
-		if (ret != 0) {
-			return -1;
+		if( dbuf.dsize > 0) {
+			int ret;
+			ret = memcmp(dptr, dbuf.dptr, dbuf.dsize);
+			if (ret != 0) {
+				return -1;
+			}
+			dptr += dbuf.dsize;
 		}
-		dptr += dbuf.dsize;
 	}
 
 	return 0;
-- 
cgit v1.2.1