- Commit
- 53abb8e3ab21a31ca7b4921207bd97bb42355c80
- Parent
- 3bfdadcb66aa969bee2eefe6da5df5028b55849d
- Author
- John MacFarlane <jgm@berkeley.edu>
- Date
Don't call memcpy with NULL as 1st parameter.
This is illegal according to the C standard, sec. 7.1.4.
"If an argument to a function has an invalid value (such as a value
outside the domain of the function, or a pointer outside the address
space of the program, or a null pointer, or a pointer to non-modifiable
storage when the corresponding parameter is not const-qualified) or a
type (after promotion) not expected by a function with variable number
of arguments, the behavior is undefined."
7.24.1(2): "Where an argument declared as size_t n specifies the length
of the array for a function, n can have the value zero […] pointer
arguments on such a call shall still have valid values, as described in
7.1.4."
See https://www.imperialviolet.org/2016/06/26/nonnull.html
diff --git a/src/inlines.c b/src/inlines.c
@@ -99,9 +99,10 @@ static CMARK_INLINE cmark_node *make_simple(cmark_mem *mem, cmark_node_type t) {
static cmark_node *make_str(subject *subj, int sc, int ec, cmark_chunk s) {
cmark_node *e = make_literal(subj, CMARK_NODE_TEXT, sc, ec);
- // NOLINTNEXTLINE(clang-analyzer-core.NonNullParamChecker)
e->data = (unsigned char *)subj->mem->realloc(NULL, s.len + 1);
- memcpy(e->data, s.data, s.len);
+ if (s.data != NULL) {
+ memcpy(e->data, s.data, s.len);
+ }
e->data[s.len] = 0;
e->len = s.len;
return e;