author Anton Lundin <glance@acc.umu.se> 2014-12-12 08:59:12 +0100
committer Dirk Hohndel <dirk@hohndel.org> 2014-12-12 07:04:26 -0800
commit bf20c251ab2caf37bc3973bbb77201cb0ae7a588 (patch)
tree 74b03413a08021a2d0a9f0fe6c12d05a61367f06
parent 46bd71a18427b5cc650b26b4d77d9a1260b79941 (diff)
download subsurface-bf20c251ab2caf37bc3973bbb77201cb0ae7a588.tar.gz
Don't rely on malloc to return NULL for zero size
We rely on samples being NULL if a dc has no samples. It's completely legal for malloc to return a valid pointer to nowhere for zero sized malloc, which you can't follow and read what it's pointing at. It's only viable to call free() on.

In other code, if samples is a valid pointer, we dereference it and look at the first sample.

Signed-off-by: Anton Lundin <glance@acc.umu.se>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
-rw-r--r-- dive.c 8
1 files changed, 8 insertions, 0 deletions
diff --git a/dive.c b/dive.c
index 7ec4bc918..78224d82c 100644
--- a/dive.c
+++ b/dive.c
@@ -602,6 +602,14 @@ void copy_samples(struct divecomputer *s, struct divecomputer *d)
int nr = s->samples;
d->samples = nr;
d->alloc_samples = nr;
+ // We expect to be able to read the memory in the other end of the pointer
+ // if its a valid pointer, so don't expect malloc() to return NULL for
+ // zero-sized malloc, do it ourselves.
+ d->sample = NULL;
+
+ if(!nr)
+ return;
+
d->sample = malloc(nr * sizeof(struct sample));
if (d->sample)
memcpy(d->sample, s->sample, nr * sizeof(struct sample));
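Review bot: The allocation-failure path right after the new early return still breaks the invariant this change is meant to enforce: if `malloc(nr * sizeof(struct sample))` returns NULL for a non-zero `nr`, `d->samples` and `d->alloc_samples` stay at `nr` while `d->sample` is NULL, so any caller that trusts the count rather than the pointer will dereference NULL. Consider assigning the two counts only after the allocation succeeds, or resetting both to 0 when `d->sample` is NULL. Because `nr` is an `int`, testing `nr <= 0` instead of `!nr` would also keep a negative count from being converted to a very large size in the multiplication. Style: `if(!nr)` is missing the space after `if` that `if (d->sample)` uses two lines below.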