journal: fix against (theoretical) undefined behavior

While all the libc implementations I know return NULL when memchr's size parameter is 0, without accessing any memory, passing NULL to memchr is still invalid: C11 7.24.1p2: Where an argument declared as "size_t n" specifies the length of the array for a function, n can have the value zero on a call to that function. Unless explicitly stated otherwise in the description of a particular function in this subclause, pointer arguments on such a call shall still have valid values, as described in 7.1.4. On such a call, a function that locates a character finds no occurrence, a function that compares two character sequences returns zero, and a function that copies characters copies zero characters. see http://llvm.org/bugs/show_bug.cgi?id=18247
2013-12-16 15:41:00 -08:00 · 2013-12-16 15:41:00 -08:00 · 08c6f819cb
parent 7fd97d7829
commit 08c6f819cb
1 changed files with 4 additions and 1 deletions
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@ -1010,7 +1010,10 @@ static int journal_file_append_data(
        if (r < 0)
                return r;

-        eq = memchr(data, '=', size);
+        if (!data)
+                eq = NULL;
+        else
+                eq = memchr(data, '=', size);
        if (eq && eq > data) {
                uint64_t fp;
                Object *fo;