Commit d96c06385283e44eb843d0e371f92ca8d4dd4bbb

Patrick Steinhardt 2016-03-01T19:11:33

submodule: avoid passing NULL pointers to strncmp In C89 it is undefined behavior to pass `NULL` pointers to `strncmp` and later on in C99 it has been explicitly stated that functions with an argument declared as `size_t nmemb` specifying the array length shall always have valid parameters, no matter if `nmemb` is 0 or not (see ISO 9899 ยง7.21.1.2). The function `str_equal_no_trailing_slash` always passes its parameters to `strncmp` if their lengths match. This means if one parameter is `NULL` and the other one either `NULL` or a string with length 0 we will pass the pointers to `strncmp` and cause undefined behavior. Fix this by explicitly handling the case when both lengths are 0.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
diff --git a/src/submodule.c b/src/submodule.c
index 38db415..3f39b9e 100644
--- a/src/submodule.c
+++ b/src/submodule.c
@@ -80,7 +80,8 @@ static kh_inline int str_equal_no_trailing_slash(const char *a, const char *b)
 	if (blen > 0 && b[blen - 1] == '/')
 		blen--;
 
-	return (alen == blen && strncmp(a, b, alen) == 0);
+	return (alen == 0 && blen == 0) ||
+		(alen == blen && strncmp(a, b, alen) == 0);
 }
 
 __KHASH_IMPL(