Commit 37b28feb authored by Dimitry Andric's avatar Dimitry Andric

lib: Avoid declaring zero-sized VLAs in various messaging functions

In messaging_rec_create(), messaging_recv_cb() and
messaging_dispatch_rec(), variable length arrays of file descriptors are
declared, using an incoming num_fds parameter.

However, there are several scenarios where num_fds can be zero, and
declaring a zero-length VLA is undefined behavior. This can lead to
segmentation faults and/or other crashen when compiling with recent
versions of clang at high optimization levels.

To avoid ever using zero as the length for these declarations, use
MAX(1, length) instead.
Signed-off-by: Dimitry Andric's avatarDimitry Andric <dimitry@andric.com>
parent 54963d24
Pipeline #236432143 passed with stages
in 111 minutes and 16 seconds
......@@ -157,7 +157,7 @@ struct messaging_rec *messaging_rec_create(
{
struct messaging_rec rec;
int64_t fds64[num_fds];
int64_t fds64[MAX(1, num_fds)];
size_t i;
for (i=0; i<num_fds; i++) {
......@@ -391,7 +391,7 @@ static void messaging_recv_cb(struct tevent_context *ev,
private_data, struct messaging_context);
struct server_id_buf idbuf;
struct messaging_rec rec;
int64_t fds64[MIN(num_fds, INT8_MAX)];
int64_t fds64[MAX(1, MIN(num_fds, INT8_MAX))];
size_t i;
if (msg_len < MESSAGE_HDR_LENGTH) {
......@@ -1372,7 +1372,7 @@ static void messaging_dispatch_rec(struct messaging_context *msg_ctx,
if (ev != msg_ctx->event_ctx) {
struct iovec iov;
int fds[rec->num_fds];
int fds[MAX(1, rec->num_fds)];
int ret;
/*
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment