CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Stefan Eßer <se@FreeBSD.org>
	Sat, 15 Jan 2022 23:30:04 +0000 (00:30 +0100)
committer	Stefan Eßer <se@FreeBSD.org>
	Fri, 4 Mar 2022 19:47:23 +0000 (20:47 +0100)
commit	977ed30681c346a0b6be76a2e03b6651b94b58aa
tree	553d17bfb15e86f80487237db5c994d1659f0eb2	tree \| snapshot
parent	19b00621b65fc4092417d33e12b471413f07228c	commit \| diff

fread.c: fix undefined behavior

A case of undefined behavior in __fread() has been detected by UBSAN
and reported by Mark Millard:

/usr/main-src/lib/libc/stdio/fread.c:133:10: runtime error: applying
zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior in
/usr/main-src/lib/libc/stdio/fread.c:133:10

While being benign (the NULL pointer is later passed to memcpy() with
a length argument of 0), this issue causes in the order of 600 Kyua
test cases to fail on systems running a world built with WITH_UBSAN
and WITH_ASAN.

The undefined behavior can be prevented by skipping operations that
have no effect for r == 0. Mark Millard has suggested to only skip
this code segment if fp->_p == NULL, but I have verified that for the
case of r == 0 no further argument checking is performed on the
addresses passed to memcpy() and thus no bugs are hidden from the
sanitizers due to the simpler condition chosen.

(cherry picked from commit 10af8e45a89818754b80315539e167ae49599f17)