Module Name: src Committed By: kamil Date: Sun Apr 5 15:16:11 UTC 2020
Modified Files: src/sys/rump/librump/rumpkern: rumpcopy.c Log Message: Return early on 0-sized transfers (usually to/from NULL-objects) This logic is already present in subr_copy.c:copyin_vmspace() and rumpcopy.c:copyinstr(). This avoids memcpy() calls for NULL objects that is Undefined Behavior, allowed in the kernel space (-fno-delete-null-pointer-checks), but not in userland. Reported by UBSan. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/sys/rump/librump/rumpkern/rumpcopy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/rump/librump/rumpkern/rumpcopy.c
diff -u src/sys/rump/librump/rumpkern/rumpcopy.c:1.23 src/sys/rump/librump/rumpkern/rumpcopy.c:1.24
--- src/sys/rump/librump/rumpkern/rumpcopy.c:1.23 Sat Apr 6 03:06:28 2019
+++ src/sys/rump/librump/rumpkern/rumpcopy.c Sun Apr 5 15:16:11 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: rumpcopy.c,v 1.23 2019/04/06 03:06:28 thorpej Exp $ */
+/* $NetBSD: rumpcopy.c,v 1.24 2020/04/05 15:16:11 kamil Exp $ */
 /*
 * Copyright (c) 2009 Antti Kantee. All Rights Reserved.
@@ -26,7 +26,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.23 2019/04/06 03:06:28 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rumpcopy.c,v 1.24 2020/04/05 15:16:11 kamil Exp $");
 #define __UFETCHSTORE_PRIVATE
 #define __UCAS_PRIVATE
@@ -45,6 +45,9 @@ copyin(const void *uaddr, void *kaddr, s
 {
 int error = 0;
+ if (len == 0)
+ return 0;
+
 if (__predict_false(uaddr == NULL && len)) {
 return EFAULT;
 }
@@ -64,6 +67,9 @@ copyout(const void *kaddr, void *uaddr,
 {
 int error = 0;
+ if (len == 0)
+ return 0;
+
 if (__predict_false(uaddr == NULL && len)) {
 return EFAULT;
 }
@@ -137,6 +143,9 @@ copyoutstr(const void *kaddr, void *uadd
 size_t slen;
 int error;
+ if (len == 0)
+ return 0;
+
 if (__predict_false(uaddr == NULL && len)) {
 return EFAULT;
 }
@@ -160,6 +169,9 @@
 int
 kcopy(const void *src, void *dst, size_t len)
 {
+ if (len == 0)
+ return 0;
+
 memcpy(dst, src, len);
 return 0;
 }
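Review bot: In copyin, the retained guard `if (__predict_false(uaddr == NULL && len))` now sits below `if (len == 0) return 0;`, so its `&& len` term is always true at that point and only obscures what is being checked. The same leftover appears in the copyout and copyoutstr hunks. I would reduce all three to `if (__predict_false(uaddr == NULL))`. Only uaddr is tested in the visible lines; whether kaddr can be NULL with a non-zero len depends on code and callers outside these hunks, since each function body continues past its hunk.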
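Review bot: In copyoutstr, the new `if (len == 0) return 0;` reports success although no terminating NUL can have been written, so a caller that trusts the return value may go on to treat the destination as a valid string. The documented copyoutstr(9) interface also takes a `done` out-parameter (the signature is truncated in the hunk header, so this comes from the interface, not the page), and the early return sits directly after the local declarations, before any store to it could happen. Consider `if (done != NULL) *done = 0;` ahead of the return, and confirm what the native implementation returns for a zero-sized buffer so the rump version does not diverge from it. The rest of the function lies outside the hunk.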
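Review bot: The early return added to kcopy has no comment, so without the commit message it reads like a micro-optimisation that a later cleanup could drop, bringing back the UBSan finding. A one-line comment above it would keep the reason next to the code, for example `/* memcpy() with a NULL pointer is UB in userland, even for len == 0 */`; the same comment fits the returns added in copyin, copyout and copyoutstr. For len > 0, kcopy still hands src and dst to memcpy() unchecked, which this change leaves as it was.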