mctp-netlink: Don't memcpy() when source list is NULL

amboar · amboar · commit c06f1262ee01 · 2025-11-28T11:35:50.000+10:30
Mitigate the ubsan splat: Feb 27 09:30:55 test mctpd[984]: SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../../../../../workspace/sources/mctp/src/mctp-netlink.c:1102:2 in Feb 27 09:31:00 test mctpd[993]: ../../../../../../workspace/sources/mctp/src/mctp-netlink.c:1102:2: runtime error: null pointer passed as argument 2, which is declared to never be null Feb 27 09:31:00 test mctpd[993]: #0 0x47fcc0 (/usr/sbin/mctpd+0x57cc0) (BuildId: 74658a0b3317f1295bab6bbcd8febf809768bfda) Feb 27 09:31:00 test mctpd[993]: #1 0x459590 (/usr/sbin/mctpd+0x31590) (BuildId: 74658a0b3317f1295bab6bbcd8febf809768bfda) Feb 27 09:31:00 test mctpd[993]: #2 0x4498f0 (/usr/sbin/mctpd+0x218f0) (BuildId: 74658a0b3317f1295bab6bbcd8febf809768bfda) Feb 27 09:31:00 test mctpd[993]: #3 0xa62904ac (/usr/lib/libc.so.6+0x1f4ac) (BuildId: f7dfc12cfaed3ca290b3c7f41ef9145c0de0fe6b) Feb 27 09:31:00 test mctpd[993]: #4 0xa6290598 in __libc_start_main (/usr/lib/libc.so.6+0x1f598) (BuildId: f7dfc12cfaed3ca290b3c7f41ef9145c0de0fe6b) Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
diff --git a/src/mctp-netlink.c b/src/mctp-netlink.c
@@ -1094,11 +1094,12 @@ mctp_eid_t *mctp_nl_addrs_byindex(const mctp_nl *nl, int index, size_t *ret_num)
 	mctp_eid_t *ret;
 
 	*ret_num = 0;
-	if (!entry)
+	if (!entry || entry->num_local == 0)
 		return NULL;
 	ret = malloc(entry->num_local);
 	if (!ret)
 		return NULL;
+	assert(entry->local_eids);
 	memcpy(ret, entry->local_eids, entry->num_local);
 	*ret_num = entry->num_local;
 	return ret;
