author: Olly Betts <olly@survex.com> 2020-09-04 10:44:49 +1200
committer: Olly Betts <olly@survex.com> 2020-09-04 10:44:49 +1200
commit: 975f8fcfdba56294bb190d745cdd449a52e633f4
tree: 891b443eda9ead7c831efa48757b8b896454e216
parent: b018c32f9d0ba963560fa08da84802c23c41d89d
Avoid undefined behaviour in DOH Replace() function

If the source and replacement strings were the same length, the code was performing undefined pointer arithmetic involving a NULL pointer. I'm not aware of any observable effects of this in practice, but it's potentially problematic.

It's detected by ubsan, for example when running `make check-python-test-suite`:

DOH/string.c:839:4: runtime error: applying non-zero offset to non-null pointer 0x602000001558 produced null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior DOH/string.c:839:4 in

-rw-r--r-- Source/DOH/string.c 4
1 files changed, 3 insertions, 1 deletions
diff --git a/Source/DOH/string.c b/Source/DOH/string.c
index 3689f4ffe..093330b89 100644
--- a/Source/DOH/string.c
+++ b/Source/DOH/string.c
@@ -836,7 +836,9 @@ static int replace_simple(String *str, char *token, char *rep, int flags, int co
memmove(t, s, (str->str + str->len) - s + 1);
}
} else {
- t += (c - s);
+ if (c) {
+ t += (c - s);
+ }
}
s = c;
ic--;
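Review bot: the new `if (c)` guard around `t += (c - s);` carries no comment saying when `c` is NULL, so a later reader cannot tell why the else branch needs it and may fold it away again; a one-line comment on the guard would fix that. The `s = c;` that follows still runs with `c` NULL, so it is worth noting next to it that `s` is not used in further pointer arithmetic on that path. The commit message shows the problem only surfaces under ubsan during `make check-python-test-suite`, so a test that replaces a token with a same-length string, run with the sanitizer enabled, would keep this from regressing.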