Avoid memcpy with NULL argument

[PATCH 1/2] virNetMessageEncodePayloadRaw: Tolerate empty 'data'
Posted by Peter Krempa 3 years, 8 months ago
'virNetMessageEncodePayloadRaw' is not supposed to be called with 'NULL'
data, but the code path from 'virNetClientStreamSendPacket' does so.

Now 'virNetMessageEncodePayloadEmpty' is intended for such case, but
since it's just a sub-set of steps from 'virNetMessageEncodePayloadRaw'
it's more straightforward to add NULL-tolerance to 'virNetMessageEncodePayloadRaw'
and subsequently remove 'virNetMessageEncodePayloadEmpty'.

Closes: https://gitlab.com/libvirt/libvirt/-/issues/308
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/rpc/virnetmessage.c | 51 +++++++++++++++++++++++++----------------
 1 file changed, 31 insertions(+), 20 deletions(-)

diff --git a/src/rpc/virnetmessage.c b/src/rpc/virnetmessage.c
index 221da7c59b..b806adf782 100644
--- a/src/rpc/virnetmessage.c
+++ b/src/rpc/virnetmessage.c
@@ -434,6 +434,15 @@ int virNetMessageDecodePayload(virNetMessage *msg,
 }


+/**
+ * virNetMessageEncodePayloadRaw:
+ * @msg: message to encode payload into
+ * @data: data to encode into @msg
+ * @len: lenght of @data
+ *
+ * Encodes message payload. If @data is NULL or @len is 0 an empty message is
+ * encoded.
+ */
 int virNetMessageEncodePayloadRaw(virNetMessage *msg,
                                   const char *data,
                                   size_t len)
@@ -441,30 +450,32 @@ int virNetMessageEncodePayloadRaw(virNetMessage *msg,
     XDR xdr;
     unsigned int msglen;

-    /* If the message buffer is too small for the payload increase it accordingly. */
-    if ((msg->bufferLength - msg->bufferOffset) < len) {
-        if ((msg->bufferOffset + len) >
-            (VIR_NET_MESSAGE_MAX + VIR_NET_MESSAGE_LEN_MAX)) {
-            virReportError(VIR_ERR_RPC,
-                           _("Stream data too long to send "
-                             "(%zu bytes needed, %zu bytes available)"),
-                           len,
-                           VIR_NET_MESSAGE_MAX +
-                           VIR_NET_MESSAGE_LEN_MAX -
-                           msg->bufferOffset);
-            return -1;
+    if (data && len > 0) {
+        /* If the message buffer is too small for the payload increase it accordingly. */
+        if ((msg->bufferLength - msg->bufferOffset) < len) {
+            if ((msg->bufferOffset + len) >
+                (VIR_NET_MESSAGE_MAX + VIR_NET_MESSAGE_LEN_MAX)) {
+                virReportError(VIR_ERR_RPC,
+                               _("Stream data too long to send "
+                                 "(%zu bytes needed, %zu bytes available)"),
+                               len,
+                               VIR_NET_MESSAGE_MAX +
+                               VIR_NET_MESSAGE_LEN_MAX -
+                               msg->bufferOffset);
+                return -1;
+            }
+
+            msg->bufferLength = msg->bufferOffset + len;
+
+            VIR_REALLOC_N(msg->buffer, msg->bufferLength);
+
+            VIR_DEBUG("Increased message buffer length = %zu", msg->bufferLength);
         }

-        msg->bufferLength = msg->bufferOffset + len;
-
-        VIR_REALLOC_N(msg->buffer, msg->bufferLength);
-
-        VIR_DEBUG("Increased message buffer length = %zu", msg->bufferLength);
+        memcpy(msg->buffer + msg->bufferOffset, data, len);
+        msg->bufferOffset += len;
     }

-    memcpy(msg->buffer + msg->bufferOffset, data, len);
-    msg->bufferOffset += len;
-
     /* Re-encode the length word. */
     VIR_DEBUG("Encode length as %zu", msg->bufferOffset);
     xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE);
-- 
2.35.3
[PATCH 1/2] virNetMessageEncodePayloadRaw: Tolerate empty 'data'
[PATCH 2/2] virNetMessageEncodePayloadEmpty: Replace by virNetMessageEncodePayloadRaw(msg, NULL, 0)