data->data can be NULL when len is 0. Strictly speaking, the behavior of memcpy() in such a scenario is undefined, so UBSan complains.
Satisfy UBSan by checking if len is 0 before memcpy(). Signed-off-by: Akihiko Odaki <akihiko.od...@daynix.com> --- hw/i386/kvm/xen_xenstore.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/i386/kvm/xen_xenstore.c b/hw/i386/kvm/xen_xenstore.c index 59691056670e..17802aa33d20 100644 --- a/hw/i386/kvm/xen_xenstore.c +++ b/hw/i386/kvm/xen_xenstore.c @@ -532,6 +532,10 @@ static void xs_read(XenXenstoreState *s, unsigned int req_id, return; } + if (!len) { + return; + } + memcpy(&rsp_data[rsp->len], data->data, len); rsp->len += len; } --- base-commit: 38d0939b86e2eef6f6a622c6f1f7befda0146595 change-id: 20241227-xen-fb5a15cc0ca7 Best regards, -- Akihiko Odaki <akihiko.od...@daynix.com>
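Review bot: the new `if (!len) { return; }` in xs_read(), just before the memcpy(), has no comment saying why it is there, so it reads as a redundant check and could be removed in a later cleanup. A one-line comment noting that data->data may be NULL when len is 0, and that passing NULL to memcpy() is undefined even for a zero length, would keep the reason next to the code. The early return also skips `rsp->len += len;`, which is harmless when len is 0. Wrapping only the memcpy() call in `if (len)` would make it clearer that nothing else is bypassed and would stay correct if more statements are added after the copy.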