diff options
| author | Miguel Borges de Freitas <92enen@gmail.com> | 2024-06-25 20:52:39 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-25 20:52:39 +0100 |
| commit | a95f8b639a6ea90efb52ad4b465bd99ec010db7f (patch) | |
| tree | 28ab0bad8b3e0230ed28a4cc52907e49904c45c6 /lib | |
| parent | aa73be51909c5f29047c2da00e0f0c40164992f9 (diff) | |
| parent | 97a6b4fce58250a048ffb81e510412dce69fe5af (diff) | |
Merge pull request #25373 from vpeter4/libUPnP-memory-22
libUPnP: Fix memory allocation of size 0
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp | 4 | ||||
| -rw-r--r-- | lib/libUPnP/patches/0054-libUPnP-Fix-memory-allocation-of-size-0.patch | 33 |
2 files changed, 36 insertions, 1 deletions
diff --git a/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp b/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp index f5ab03ced3..c0b1c80a3d 100644 --- a/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp +++ b/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp @@ -237,7 +237,9 @@ NPT_DataBuffer::ReallocateBuffer(NPT_Size size) // check that the existing data fits if (m_DataSize > size) return NPT_ERROR_INVALID_PARAMETERS; - // allocate a new buffer + // allocate a new buffer only if size is not zero + if (!size) return NPT_ERROR_INVALID_PARAMETERS; + NPT_Byte* newBuffer = new NPT_Byte[size]; // copy the contents of the previous buffer, if any diff --git a/lib/libUPnP/patches/0054-libUPnP-Fix-memory-allocation-of-size-0.patch b/lib/libUPnP/patches/0054-libUPnP-Fix-memory-allocation-of-size-0.patch new file mode 100644 index 0000000000..9146ac0161 --- /dev/null +++ b/lib/libUPnP/patches/0054-libUPnP-Fix-memory-allocation-of-size-0.patch @@ -0,0 +1,33 @@ +From 667922032fa22607697ca4b5eb81c1f8c96e2161 Mon Sep 17 00:00:00 2001 +From: Peter <peter.vicman@gmail.com> +Date: Tue, 25 Jun 2024 10:57:31 +0200 +Subject: [PATCH] libUPnP: Fix memory allocation of size 0 + +In member function 'ReallocateBuffer', + inlined from 'SetBufferSize' at ../../kodi-e495e26f477d4de8a7e6c2fac4acbe1a15e22242/.aarch64-libreelec-linux-gnu/../lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp:172:32, + inlined from 'Load' at ../../kodi-e495e26f477d4de8a7e6c2fac4acbe1a15e22242/.aarch64-libreelec-linux-gnu/../lib/libUPnP/Neptune/Source/Core/NptStreams.cpp:106:33: +../../kodi-e495e26f477d4de8a7e6c2fac4acbe1a15e22242/.aarch64-libreelec-linux-gnu/../lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp:245:23: warning: '__builtin_memcpy' writing between 1 and 4294967295 bytes into a region of size 0 [-Wstringop-overflow=] +../../kodi-e495e26f477d4de8a7e6c2fac4acbe1a15e22242/.aarch64-libreelec-linux-gnu/../lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp:241:44: note: destination object of size 0 allocated by 'operator new []' + +--- + lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp b/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp +index f5ab03c..c0b1c80 100644 +--- a/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp ++++ b/lib/libUPnP/Neptune/Source/Core/NptDataBuffer.cpp +@@ -237,7 +237,9 @@ NPT_DataBuffer::ReallocateBuffer(NPT_Size size) + // check that the existing data fits + if (m_DataSize > size) return NPT_ERROR_INVALID_PARAMETERS; + +- // allocate a new buffer ++ // allocate a new buffer only if size is not zero ++ if (!size) return NPT_ERROR_INVALID_PARAMETERS; ++ + NPT_Byte* newBuffer = new NPT_Byte[size]; + + // copy the contents of the previous buffer, if any +-- +2.41.0.dirty + |