On Tue, Apr 14, 2015 at 01:43:56PM +0200, Silvan Jegen wrote: > On Tue, Apr 14, 2015 at 12:55 PM, Gregor Best <g...@ring0.de> wrote: > > The cause seems to be that for bot `term.line` and `term.alt` are NULL > > at this point. While this does mean that even with a `len` parameter of > > 0, the `dst` pointer gets touched, I don't think it's ever right to call > > either `memcpy` or `memmove` with a NULL destination pointer. > > I just tested glibc's memmove. The results are: > > dst == NULL, n > 0: segfault > src == NULL, n > 0: segfault > > if dst or src are NULL and n is 0 there is no segfault. Fascinating.
dst and src are required to be valid objects even if n is 0, otherwise this is undefined behaviour. The fact that it doesn't crash on this implementation doesn't mean anything.
