From: Dan Mick <dan.mick@redhat.com>
Date: Tue, 1 Dec 2015 22:35:35 +0000 (-0800)
Subject: librados.cc: rados_getxattrs_next: don't try to use malloc(0)
X-Git-Tag: v10.0.2~105^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=4ec0def94cfcf9f223de0560605a00b2a6eb5830;p=ceph.git

librados.cc: rados_getxattrs_next: don't try to use malloc(0)

If an xattr is 0 length, don't try to malloc a buffer for the value;
leave it NULL.  (Linux doesn't promise malloc(0) returns a pointer,
and other implementations, like AIX, definitely return NULL.)

Usage changes are in following commits.

Fixes: #13944
Signed-off-by: Dan Mick <dan.mick@redhat.com>
---

diff --git a/src/librados/librados.cc b/src/librados/librados.cc
index 403b5b03a0a0..ab3486dadbbd 100644
--- a/src/librados/librados.cc
+++ b/src/librados/librados.cc
@@ -3446,13 +3446,18 @@ extern "C" int rados_getxattrs_next(rados_xattrs_iter_t iter,
   *name = s.c_str();
   bufferlist &bl(it->i->second);
   size_t bl_len = bl.length();
-  it->val = (char*)malloc(bl_len);
-  if (!it->val) {
-    tracepoint(librados, rados_getxattrs_next_exit, -ENOMEM, *name, NULL, 0);
-    return -ENOMEM;
+  if (!bl_len) {
+    // malloc(0) is not guaranteed to return a valid pointer
+    *val = (char *)NULL;
+  } else {
+    it->val = (char*)malloc(bl_len);
+    if (!it->val) {
+      tracepoint(librados, rados_getxattrs_next_exit, -ENOMEM, *name, NULL, 0);
+      return -ENOMEM;
+    }
+    memcpy(it->val, bl.c_str(), bl_len);
+    *val = it->val;
   }
-  memcpy(it->val, bl.c_str(), bl_len);
-  *val = it->val;
   *len = bl_len;
   ++it->i;
   tracepoint(librados, rados_getxattrs_next_exit, 0, *name, *val, *len);