From 3f5951f63fea36032b1fb65f5211ffaf4d03e74e Mon Sep 17 00:00:00 2001
From: Ivan Maidanski <ivmai@mail.ru>
Date: Tue, 11 Sep 2012 23:55:32 +0400
Subject: [PATCH] Fix null-pointer dereference in CORD_substr_closure

* cord/cordbscs.c (CORD_substr_closure): Prevent SEGV if CORD_from_fn
returned NULL/CORD_EMPTY (in case "n" argument is zero).
---
 cord/cordbscs.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cord/cordbscs.c b/cord/cordbscs.c
index 2231963f..c7b3b51f 100644
--- a/cord/cordbscs.c
+++ b/cord/cordbscs.c
@@ -354,6 +354,7 @@ CORD CORD_substr_closure(CORD x, size_t i, size_t n, CORD_fn f)
     sa->sa_cord = (CordRep *)x;
     sa->sa_index = i;
     result = CORD_from_fn(f, (void *)sa, n);
+    if (result == CORD_EMPTY) return CORD_EMPTY; /* n == 0 */
     ((CordRep *)result) -> function.header = SUBSTR_HDR;
     return (result);
 }
-- 
2.40.0