From: Matthew Fernandez <matthew.fernandez@gmail.com>
Date: Sun, 11 Jul 2021 18:49:20 +0000 (-0700)
Subject: SparseMatrix_copy: avoid calling memcpy with null pointers
X-Git-Tag: 2.49.0~61^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9a3c75beee271848a63a0d0927d383d2e500357d;p=graphviz

SparseMatrix_copy: avoid calling memcpy with null pointers

The memcpy function technically requires both its pointer inputs to be non-null.
There is no special case for the length being 0. When running the example from
#2088 under UBSan, it detects this memcpy call as being performed with both null
source and destination pointers. It is unlikely any real world memcpy would
misbehave in this circumstance, but it is still good practice to avoid this.
---

diff --git a/lib/sparse/SparseMatrix.c b/lib/sparse/SparseMatrix.c
index 1e81eaef2..df0ad6ced 100644
--- a/lib/sparse/SparseMatrix.c
+++ b/lib/sparse/SparseMatrix.c
@@ -1895,7 +1895,9 @@ SparseMatrix SparseMatrix_copy(SparseMatrix A){
   if (!A) return A;
   B = SparseMatrix_general_new(A->m, A->n, A->nz, A->type, A->size, A->format);
   memcpy(B->ia, A->ia, sizeof(int)*((size_t)(A->m+1)));
-  memcpy(B->ja, A->ja, sizeof(int)*((size_t)(A->ia[A->m])));
+  if (A->ia[A->m] != 0) {
+    memcpy(B->ja, A->ja, sizeof(int)*((size_t)(A->ia[A->m])));
+  }
   if (A->a) memcpy(B->a, A->a, A->size*((size_t)A->nz));
   B->property = A->property;
   B->nz = A->nz;