bpo-37138: fix undefined behaviour with memcpy() on NULL array (GH-13867)

diff --git a/Objects/classobject.c b/Objects/classobject.c
index ffd3f875c0e7ba2042d689c7c2e0cc218291a4e0..2415ed14cb1506c406e4bd2474a6b82c57196230 100644 (file)
--- a/Objects/classobject.c
+++ b/Objects/classobject.c
@@ -71,7 +71,11 @@ method_vectorcall(PyObject *method, PyObject *const *args,
         }
         /* use borrowed references */
         newargs[0] = self;
-        memcpy(newargs + 1, args, totalargs * sizeof(PyObject *));
+        if (totalargs) { /* bpo-37138: if totalargs == 0, then args may be
+                          * NULL and calling memcpy() with a NULL pointer
+                          * is undefined behaviour. */
+            memcpy(newargs + 1, args, totalargs * sizeof(PyObject *));
+        }
         result = _PyObject_Vectorcall(func, newargs, nargs+1, kwnames);
         PyMem_Free(newargs);
     }