From 592d665fbcdc46574ed1789b2a9073a5fcd5e4f3 Mon Sep 17 00:00:00 2001 From: Nicolas PLANEL Date: Tue, 26 Aug 2014 11:43:49 -0400 Subject: [PATCH] cls: check data before memcpy() it [thaller@redhat.com: I modified the condition "if (data && len)" in the original patch to just check "len > 0". Note that all call sites of meta_alloc() make sure to pass a valid data pointer with a non-zero length (anything else would be a bug). But indeed, calling memcpy with invalid src pointer is undefined behavior, even if len is zero.] Signed-off-by: Thomas Haller --- lib/route/cls/ematch/meta.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/route/cls/ematch/meta.c b/lib/route/cls/ematch/meta.c index 6249bb1..e33c405 100644 --- a/lib/route/cls/ematch/meta.c +++ b/lib/route/cls/ematch/meta.c @@ -51,7 +51,8 @@ static struct rtnl_meta_value *meta_alloc(uint8_t type, uint16_t id, value->mv_shift = shift; value->mv_len = len; - memcpy(value + 1, data, len); + if (len) + memcpy(value + 1, data, len); return value; }