diff options
author | Theodore Ts'o <tytso@mit.edu> | 2019-11-04 18:43:49 -0500 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2019-11-04 18:43:49 -0500 |
commit | 41c05c9dc26a87bf0ffea64976be1a34dd542056 (patch) | |
tree | 1c24d317685d545bdd9b84badcbd87ac5bf264e9 | |
parent | 9bfbf1d5b93388d62a7f0eb498ab30d7a6aab871 (diff) | |
download | e2fsprogs-41c05c9dc26a87bf0ffea64976be1a34dd542056.tar.gz |
libext2fs: fix UBSan when updating an inline_data file
What memcpy does when the length is zero is not well-defined. So
avoid it.
Bug: https://github.com/tytso/e2fsprogs/issues/25
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-rw-r--r-- | lib/ext2fs/ext_attr.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/ext2fs/ext_attr.c b/lib/ext2fs/ext_attr.c index 78a823a90..affc1a8fc 100644 --- a/lib/ext2fs/ext_attr.c +++ b/lib/ext2fs/ext_attr.c @@ -1550,14 +1550,15 @@ errcode_t ext2fs_xattr_set(struct ext2_xattr_handle *h, new_value, &value_len); if (ret) goto out; - } else + } else if (value_len) memcpy(new_value, value, value_len); /* Imitate kernel behavior by skipping update if value is the same. */ for (x = h->attrs; x < h->attrs + h->count; x++) { if (!strcmp(x->name, name)) { if (!x->ea_ino && x->value_len == value_len && - !memcmp(x->value, new_value, value_len)) { + (!value_len || + !memcmp(x->value, new_value, value_len))) { ret = 0; goto out; } |