djsundog/circuitpython
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mp_obj_instance_make_new: avoid undefined behavior

Browse Source 
If kw_args is NULL then memcpy() gets a NULL source argument.
This is undefined behavior under the C standard, even if 0 bytes
are being copied.

This problem was found using clang 7's scan-build static analyzer.
This commit is contained in:
Jeff Epler 2019-10-08 10:48:25 +09:00
parent 85f0048d22
commit 8fbe19b993
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
py/objtype.c
View File

@ -336,8 +336,10 @@ mp_obj_t mp_obj_instance_make_new(const mp_obj_type_t *self, size_t n_args, cons
mp_obj_t *args2 = m_new(mp_obj_t, 1 + n_args + 2 * n_kw); mp_obj_t *args2 = m_new(mp_obj_t, 1 + n_args + 2 * n_kw);
args2[0] = MP_OBJ_FROM_PTR(self); args2[0] = MP_OBJ_FROM_PTR(self);
memcpy(args2 + 1, args, n_args * sizeof(mp_obj_t)); memcpy(args2 + 1, args, n_args * sizeof(mp_obj_t));
// copy in kwargs if (n_kw) {
memcpy(args2 + 1 + n_args, kw_args->table, 2 * n_kw * sizeof(mp_obj_t)); // copy in kwargs
memcpy(args2 + 1 + n_args, kw_args->table, 2 * n_kw * sizeof(mp_obj_t));
}
new_ret = mp_call_function_n_kw(init_fn[0], n_args + 1, n_kw, args2); new_ret = mp_call_function_n_kw(init_fn[0], n_args + 1, n_kw, args2);
m_del(mp_obj_t, args2, 1 + n_args + 2 * n_kw); m_del(mp_obj_t, args2, 1 + n_args + 2 * n_kw);
} }