]> git.saurik.com Git - apt.git/commit
projects / apt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ce2ada) | patch
try not to call memcpy with length 0 in hash calculations
authorDavid Kalnischkies <david@kalnischkies.de>
Wed, 31 Aug 2016 08:11:07 +0000 (10:11 +0200)
committerJulian Andres Klode <jak@debian.org>
Wed, 5 Oct 2016 19:53:38 +0000 (21:53 +0200)
commit3b4a7c7da916ad9584af34d535ebac37f3b338a0
treea55f2ddbe5c2880bb50611c6d426db5b344f5c75tree | snapshot
parent2ce2ada40aa93ca5d31fb9dd0ca8d78df5751227commit | diff
try not to call memcpy with length 0 in hash calculations

memcpy is marked as nonnull for its input, but ignores the input anyhow
if the declared length is zero. Our SHA2 implementations do this as
well, it was "just" MD5 and SHA1 missing, so we add the length check
here as well as along the callstack as it is really pointless to do all
these method calls for "nothing".

Reported-By: gcc -fsanitize=undefined
(cherry picked from commit 644478e8db56f305601c3628a74e53de048b28c8)
apt-pkg/contrib/hashes.cc diff | blob | blame | history
apt-pkg/contrib/hashes.h diff | blob | blame | history
apt-pkg/contrib/hashsum_template.h diff | blob | blame | history
apt-pkg/contrib/md5.cc diff | blob | blame | history
apt-pkg/contrib/md5.h diff | blob | blame | history
apt-pkg/contrib/sha1.cc diff | blob | blame | history
apt-pkg/contrib/sha1.h diff | blob | blame | history
apt-pkg/contrib/sha2.h diff | blob | blame | history
methods/rred.cc diff | blob | blame | history
APT (for Cydia)