4869. [bug] Address some cases where NULL with zero length could

                        be passed to memmove which is undefined behaviour and
                        can lead to bad optimisation. [RT #46888]

(cherry picked from commit fdd8838bf9c4de07372196607f860dd240986577)

diff --git a/CHANGES b/CHANGES
index bdb6dc8143dbf45c3335750f20ef97fd54845f59..18d3f2e926d0fc5741642467fb6a2a68428682cf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4869.  [bug]           Address some cases where NULL with zero length could
+                       be passed to memmove which is undefined behaviour and
+                       can lead to bad optimisation. [RT #46888]
+
 4867.  [cleanup]       Normalize rndc on/off commands (validation and
                        querylog) so they accept the same synonyms
                        for on/off (yes/no, true/false, enable/disable).

diff --git a/lib/dns/diff.c b/lib/dns/diff.c
index c4fa4e4cc24f59d4eaf0ef9ff55b758492d247df..b0f2eade80e7d2ccd27903b954c396152e794208 100644 (file)
--- a/lib/dns/diff.c
+++ b/lib/dns/diff.c
@@ -89,11 +89,16 @@ dns_difftuple_create(isc_mem_t *mctx,
 
        t->ttl = ttl;
 
-       memmove(datap, rdata->data, rdata->length);
        dns_rdata_init(&t->rdata);
        dns_rdata_clone(rdata, &t->rdata);
-       t->rdata.data = datap;
-       datap += rdata->length;
+       if (rdata->data != NULL) {
+               memmove(datap, rdata->data, rdata->length);
+               t->rdata.data = datap;
+               datap += rdata->length;
+       } else {
+               t->rdata.data = NULL;
+               INSIST(rdata->length == 0);
+       }
 
        ISC_LINK_INIT(&t->rdata, link);
        ISC_LINK_INIT(t, link);