diff options
| author | Jack Lloyd <[email protected]> | 2015-12-25 18:02:50 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2015-12-25 18:02:50 -0500 |
| commit | 8d6fb90007ae67767936780e5e6cdb21ab5c8686 (patch) | |
| tree | 9de4fbd27a40fc970a9c272a7bc66f804950edc9 /src/lib/utils/mem_ops.h | |
| parent | 84eaa5cdd5c966d62475e223d26fce5946d261ef (diff) | |
Guard all std::mem* ops against any call with zero length.
Calling memset, memmove, memcpy with an undefined or null pointer,
even with length zero, causes undefined behavior. Prevent that from
happening within the functions that call these dangerous things
since allowing a caller to pass length == 0 with null or just
past the end and not have things explode is nice.
Oh C, you so crazy.
Diffstat (limited to 'src/lib/utils/mem_ops.h')
| -rw-r--r-- | src/lib/utils/mem_ops.h | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/lib/utils/mem_ops.h b/src/lib/utils/mem_ops.h index 6ea7bdafe..d11e3368c 100644 --- a/src/lib/utils/mem_ops.h +++ b/src/lib/utils/mem_ops.h @@ -28,7 +28,10 @@ BOTAN_DLL void zero_mem(void* ptr, size_t n); */ template<typename T> inline void clear_mem(T* ptr, size_t n) { - std::memset(ptr, 0, sizeof(T)*n); + if(n > 0) + { + std::memset(ptr, 0, sizeof(T)*n); + } } /** @@ -39,7 +42,10 @@ template<typename T> inline void clear_mem(T* ptr, size_t n) */ template<typename T> inline void copy_mem(T* out, const T* in, size_t n) { - std::memmove(out, in, sizeof(T)*n); + if(n > 0) + { + std::memmove(out, in, sizeof(T)*n); + } } /** @@ -51,7 +57,10 @@ template<typename T> inline void copy_mem(T* out, const T* in, size_t n) template<typename T> inline void set_mem(T* ptr, size_t n, byte val) { - std::memset(ptr, val, sizeof(T)*n); + if(n > 0) + { + std::memset(ptr, val, sizeof(T)*n); + } } /** |