commit ae6576eada328e1b7d0ba42b35e157c0aaa38299
parent 4a26785c0cab4686e5825fe5f5e921d12e7142b7
Author: jvoisin <julien.voisin@dustri.org>
Date: Fri, 31 Oct 2025 21:05:58 +0100
Add some NULL-pointers checks
See:
- https://www.imperialviolet.org/2016/06/26/nonnull.html
- https://davidben.net/2024/01/15/empty-slices.html
Diffstat:
1 file changed, 12 insertions(+), 0 deletions(-)
diff --git a/include/string.h b/include/string.h
@@ -45,6 +45,9 @@ _FORTIFY_FN(memcpy) void *memcpy(void * _FORTIFY_POS0 __od,
char *__d = (char *)__od;
const char *__s = (const char *)__os;
+ if (!__od || !__os)
+ __builtin_trap();
+
/* trap if pointers are overlapping but not if dst == src.
* gcc seems to like to generate code that relies on dst == src */
if ((__d < __s && __d + __n > __s) ||
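Review bot: The new `if (!__od || !__os)` guard in memcpy traps even when `__n` is 0, and the guards added in the memmove, memset and mempcpy hunks behave the same way. A zero-length call with a NULL pointer is undefined by the C standard but common in practice (the second link in the commit message is about exactly this), so callers that ran before this commit may now abort. If that strictness is intended, record it next to the check, e.g. `/* NULL is rejected even when __n == 0: passing it is undefined behaviour */`. If it is not, narrow the guard to `if (__n != 0 && (!__od || !__os))`. The memcpy body starts above this hunk and continues past its end.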
@@ -61,6 +64,9 @@ _FORTIFY_FN(memmove) void *memmove(void * _FORTIFY_POS0 __d,
size_t __bd = __bos(__d, 0);
size_t __bs = __bos(__s, 0);
+ if (!__d || !__s)
+ __builtin_trap();
+
if (__n > __bd || __n > __bs)
__builtin_trap();
return __orig_memmove(__d, __s, __n);
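Review bot: The `if (!__d || !__s)` check in memmove may be removed by the optimiser if the libc prototype this wrapper overrides is declared with a nonnull attribute, because the compiler may then assume both pointers are non-NULL; the first link in the commit message describes this effect. Whether that applies depends on the libc headers in use, which this diff does not show, and the same concern covers the guards added to memcpy, memset and mempcpy. I would add a comment such as `/* only effective if the libc declaration is not nonnull-annotated */`, plus a regression test that passes NULL to each function at the release optimisation level and expects a trap. The function signature is above the hunk.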
@@ -70,6 +76,9 @@ _FORTIFY_FN(memset) void *memset(void * _FORTIFY_POS0 __d, int __c, size_t __n)
{
size_t __b = __bos(__d, 0);
+ if (!__d)
+ __builtin_trap();
+
if (__n > __b)
__builtin_trap();
return __builtin_memset(__d, __c, __n);
@@ -153,6 +162,9 @@ _FORTIFY_FN(mempcpy) void *mempcpy(void * _FORTIFY_POS0 __d,
size_t __bd = __bos(__d, 0);
size_t __bs = __bos(__s, 0);
+ if (!__d || !__s)
+ __builtin_trap();
+
if (__n > __bd || __n > __bs)
__builtin_trap();
return __orig_mempcpy(__d, __s, __n);