[base] Avoid UB with memcpy

`FT_NEW_ARRAY(p, 0)` sets `p` to `NULL`. `FT_Stream_ReadAt` with a memory based stream uses `FT_MEM_COPY` which is `memcpy` which specifies that it is undefined behavior for either the `src` or `dst` to be `NULL`. Instead of forcing all callers work around calling `FT_Stream_Read` when `buffer == NULL && count == 0` do the check in `FT_StreamRead`. This allows any call with `count == 0` to succesfully read zero bytes without UB. * src/base/ftstream.c (FT_Stream_ReadAt): skip `FT_MEM_COPY` when `count == 0`. (FT_Stream_TryRead): ditto Fixes: #1250
1 year ago · a9793feace
parent a20de84e16
commit a9793feace
1 changed files with 6 additions and 2 deletions
--- a/src/base/ftstream.c
+++ b/src/base/ftstream.c
@ -141,7 +141,9 @@
      if ( read_bytes > count )
        read_bytes = count;

-      FT_MEM_COPY( buffer, stream->base + pos, read_bytes );
+      /* Allow "reading" zero bytes without UB even if buffer is NULL */
+      if ( count )
+        FT_MEM_COPY( buffer, stream->base + pos, read_bytes );
    }

    stream->pos = pos + read_bytes;
@ -178,7 +180,9 @@
      if ( read_bytes > count )
        read_bytes = count;

-      FT_MEM_COPY( buffer, stream->base + stream->pos, read_bytes );
+      /* Allow "reading" zero bytes without UB even if buffer is NULL */
+      if ( count )
+        FT_MEM_COPY( buffer, stream->base + stream->pos, read_bytes );
    }

    stream->pos += read_bytes;