From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Fri, 7 Jun 2019 18:25:53 +0000 (-0700)
Subject: bpo-37138: fix undefined behaviour with memcpy() on NULL array (GH-13867)
X-Git-Tag: v3.8.0b2~183
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6e053079ac3fe50ffbe9128bcf766298168c31cb;p=python

bpo-37138: fix undefined behaviour with memcpy() on NULL array (GH-13867)

(cherry picked from commit 1f9531764cc0f8dbca1d8f429d162dc28282f4b4)

Co-authored-by: Jeroen Demeyer <J.Demeyer@UGent.be>
---

diff --git a/Objects/classobject.c b/Objects/classobject.c
index ffd3f875c0..2415ed14cb 100644
--- a/Objects/classobject.c
+++ b/Objects/classobject.c
@@ -71,7 +71,11 @@ method_vectorcall(PyObject *method, PyObject *const *args,
         }
         /* use borrowed references */
         newargs[0] = self;
-        memcpy(newargs + 1, args, totalargs * sizeof(PyObject *));
+        if (totalargs) { /* bpo-37138: if totalargs == 0, then args may be
+                          * NULL and calling memcpy() with a NULL pointer
+                          * is undefined behaviour. */
+            memcpy(newargs + 1, args, totalargs * sizeof(PyObject *));
+        }
         result = _PyObject_Vectorcall(func, newargs, nargs+1, kwnames);
         PyMem_Free(newargs);
     }