Avoid memcpy(. . ., NULL, 0) etc calls #71757

vadmium · 2016-07-19T02:57:11Z

BPO	27570
Nosy	@benjaminp, @vadmium
Files	memcpy-null.patch memcpy-null.v2.patch memcpy-null.v3.patch

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2016-09-08.06:11:34.573>
created_at = <Date 2016-07-19.02:57:10.714>
labels = ['interpreter-core', 'ctypes', 'type-bug']
title = 'Avoid memcpy(. . ., NULL, 0) etc calls'
updated_at = <Date 2016-09-08.06:11:34.572>
user = 'https://github.com/vadmium'

bugs.python.org fields:

activity = <Date 2016-09-08.06:11:34.572>
actor = 'martin.panter'
assignee = 'none'
closed = True
closed_date = <Date 2016-09-08.06:11:34.573>
closer = 'martin.panter'
components = ['Interpreter Core', 'ctypes']
creation = <Date 2016-07-19.02:57:10.714>
creator = 'martin.panter'
dependencies = []
files = ['43784', '43852', '43987']
hgrepos = []
issue_num = 27570
keywords = ['patch']
message_count = 7.0
messages = ['270806', '271135', '271874', '274701', '274708', '274917', '274969']
nosy_count = 3.0
nosy_names = ['benjamin.peterson', 'python-dev', 'martin.panter']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'behavior'
url = 'https://bugs.python.org/issue27570'
versions = ['Python 2.7', 'Python 3.5', 'Python 3.6']

vadmium · 2016-07-19T02:57:10Z

This patch fixes errors reported by GCC’s undefined behaviour sanitizer about calling functions with a null pointer:

./configure CC="gcc -fsanitize=undefined"

Using bpo-22605 as a precedent, I propose to avoid calling memcpy() and memmove() for zero-length copies when there may be a null pointer.

vadmium · 2016-07-24T07:25:54Z

V2 patch adds another fix, uncovered by recent datetime tests:

>>> a = array("B")
>>> a[:] = a
/media/disk/home/proj/python/cpython/Modules/arraymodule.c:748:5: runtime error: null pointer passed as argument 1, which is declared to never be null
/media/disk/home/proj/python/cpython/Modules/arraymodule.c:748:5: runtime error: null pointer passed as argument 2, which is declared to never be null

vadmium · 2016-08-03T05:31:34Z

Patch 3 fixes some more cases I found in the array module:

>>> a + a
Modules/arraymodule.c:809:5: runtime error: null pointer passed as argument 1, which is declared to never be null
Modules/arraymodule.c:809:5: runtime error: null pointer passed as argument 2, which is declared to never be null
Modules/arraymodule.c:810:5: runtime error: null pointer passed as argument 1, which is declared to never be null
Modules/arraymodule.c:810:5: runtime error: null pointer passed as argument 2, which is declared to never be null
array('B')
>>> a * 3
Modules/arraymodule.c:840:9: runtime error: null pointer passed as argument 1, which is declared to never be null
Modules/arraymodule.c:840:9: runtime error: null pointer passed as argument 2, which is declared to never be null
array('B')
>>> a += a
Modules/arraymodule.c:952:5: runtime error: null pointer passed as argument 1, which is declared to never be null
Modules/arraymodule.c:952:5: runtime error: null pointer passed as argument 2, which is declared to never be null

I wondered if there is a good argument for fixing these, or if it is only a theoretical problem. Apparently GCC can do optimizations about null pointer tests: <https://gcc.gnu.org/gcc-4.9/porting_to.html\>. I don’t think any of the cases I found are instances of this problem, but I think fixing them helps keep the UB sanitizer output clean, so any errors causing practical behaviour problems will be easier to find.

vadmium · 2016-09-07T02:15:15Z

Looks like revisions 5f3f6f1fb73a and ec537f9f468f may have fixed the listobject cases.

Also 66feda02f2a5 looks relevant. Benjamin, maybe you are interested in other bits of my patches :)

benjaminp · 2016-09-07T02:29:50Z

Sorry I missed this. The changes which I didn't already make look good. :)

python-dev · 2016-09-07T23:42:53Z

New changeset e231dcad3a9b by Martin Panter in branch '3.5':
Issue bpo-27570: Avoid zero-length memcpy() calls with null source pointers
https://hg.python.org/cpython/rev/e231dcad3a9b

New changeset 2d0fb659372c by Martin Panter in branch 'default':
Issue bpo-27570: Merge null pointer fixes from 3.5
https://hg.python.org/cpython/rev/2d0fb659372c

python-dev · 2016-09-08T05:42:53Z

New changeset d465da1e5902 by Martin Panter in branch '2.7':
Issue bpo-27570: Avoid zero-length memcpy() calls with null source pointers
https://hg.python.org/cpython/rev/d465da1e5902

vadmium added interpreter-core (Objects, Python, Grammar, and Parser dirs) topic-ctypes type-bug An unexpected behavior, bug, or error labels Jul 19, 2016

vadmium closed this as completed Sep 8, 2016

ezio-melotti transferred this issue from another repository Apr 10, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Avoid memcpy(. . ., NULL, 0) etc calls #71757

Avoid memcpy(. . ., NULL, 0) etc calls #71757

vadmium commented Jul 19, 2016

vadmium commented Jul 19, 2016

vadmium commented Jul 24, 2016

vadmium commented Aug 3, 2016

vadmium commented Sep 7, 2016

benjaminp commented Sep 7, 2016

python-dev mannequin commented Sep 7, 2016

python-dev mannequin commented Sep 8, 2016

Avoid memcpy(. . ., NULL, 0) etc calls #71757

Avoid memcpy(. . ., NULL, 0) etc calls #71757

Comments

vadmium commented Jul 19, 2016

vadmium commented Jul 19, 2016

vadmium commented Jul 24, 2016

vadmium commented Aug 3, 2016

vadmium commented Sep 7, 2016

benjaminp commented Sep 7, 2016

python-dev mannequin commented Sep 7, 2016

python-dev mannequin commented Sep 8, 2016