If an environment variable does not exist then `getenv` returns NULL.
This is accounted for in the calculation of `val_len`, setting `val_len`
to `0` if the variable does not exist.

However, clang analyzer complains about passing NULL to `memcpy`, even if
the number of bytes to copy is `0`:

> Null pointer passed as an argument to a 'nonnull' parameter

Fix by checking the length of `val_len` before invoking `memcpy`.

This bug was introduced in b2f07451e5dc84e699f5485d1a959515d855d51b.
This fix should be backported to HAProxy 1.6+.
---
 src/cfgparse.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 0e0148159..f505e7999 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -2086,7 +2086,8 @@ next_line:
 
                                /* insert value inside the line */
                                memmove(line + val_len, var_end, end - var_end 
+ 1);
-                               memcpy(line, value, val_len);
+                               if (val_len > 0)
+                                       memcpy(line, value, val_len);
                                end += val_len - (var_end - line);
                                line += val_len;
                        }
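Review bot: The new guard on `memcpy(line, value, val_len)` tests `val_len > 0`, but the argument the analyzer flags is `value`, and the relationship between the two (`val_len` is 0 when `getenv` returned NULL) is established outside this hunk. Either test the pointer directly with `if (value)`, or add a one-line comment above the `if` noting that `value` may be NULL when `val_len` is 0, so the check is not later removed as a redundant zero-length guard.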
-- 
2.21.0

