From c0ac2ba5afeedd535367d78bf39cbe58e968a345 Mon Sep 17 00:00:00 2001 From: Niko Tyni Date: Sun, 20 Dec 2015 09:49:14 +0200 Subject: [PATCH] Use memmove instead of memcpy in rrd_write() to fix undefined behaviour At least rrdtune ends up calling rrd_write() with the same memory area for the source and the destination, causing undefined behaviour that has been observed to actually break on the mips architecture. Bug-Debian: https://bugs.debian.org/805391 Bug: https://github.com/oetiker/rrdtool-1.x/issues/688 --- src/rrd_open.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/rrd_open.c b/src/rrd_open.c index b4e151e2..9e051648 100644 --- a/src/rrd_open.c +++ b/src/rrd_open.c @@ -808,7 +808,8 @@ ssize_t rrd_write( rrd_set_error("attempting to write beyond end of file (%ld + %ld > %ld)",rrd_file->pos, count, old_size); return -1; } - memcpy(rrd_simple_file->file_start + rrd_file->pos, buf, count); + /* can't use memcpy since the areas overlap when tuning */ + memmove(rrd_simple_file->file_start + rrd_file->pos, buf, count); rrd_file->pos += count; return count; /* mimmic write() semantics */ #else -- 2.47.2