opensourcemirror
/
neovim
mirror of https://github.com/neovim/neovim.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(coverity/477623,477624): guard null pointer dereference in kv_concat_len (#27022) 

Coverity warns about a possible null pointer dereference in the `memcpy`
call in `kv_concat_len`. The `memcpy` follows `kv_ensure_space` which
(re)allocates the `items` pointer if the vector's capacity is not large
enough to contain all of the items being appended. The only way `items`
would be NULL at this point is if `capacity` were mistakenly set to some
large number without `items` ever having being set in the first place.
This should not happen when using the kvec API so if this condition is
ever false it is a bug, which the `assert` will catch.
This commit is contained in:
Gregory Anders 2024-01-15 14:25:57 -06:00 committed by GitHub
parent 7589336120
commit ae48d965d7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/klib/kvec.h
View File

@ -105,11 +105,12 @@
} while (0)
#define kv_concat_len(v, data, len) \
do { \
if (len > 0) { \
kv_ensure_space(v, len); \
assert((v).items); \
memcpy((v).items + (v).size, data, sizeof((v).items[0]) * len); \
(v).size = (v).size + len; \
} while (0)
}
#define kv_concat(v, str) kv_concat_len(v, str, strlen(str))
#define kv_splice(v1, v0) kv_concat_len(v1, (v0).items, (v0).size)