MDEV-22387: Do not violate __attribute__((nonnull))

This follows up commit
commit 94a520ddbe and
commit 7c5519c12d.

After these changes, the default test suites on a
cmake -DWITH_UBSAN=ON build no longer fail due to passing
null pointers as parameters that are declared to never be null,
but plenty of other runtime errors remain.

client/completion_hash.cc

@@ -205,7 +205,8 @@ Bucket *find_longest_match(HashTable *ht, char *str, uint length,
 void completion_hash_clean(HashTable *ht)
 {
   free_root(&ht->mem_root,MYF(0));
-  bzero((char*) ht->arBuckets,ht->nTableSize*sizeof(Bucket *));
+  if (size_t s= ht->nTableSize)
+    bzero((char*) ht->arBuckets, s * sizeof(Bucket *));
 }
 
 

include/my_sys.h

@@ -534,8 +534,11 @@ static inline int my_b_write(IO_CACHE *info, const uchar *Buffer, size_t Count)
 {
   if (info->write_pos + Count <= info->write_end)
   {
-    memcpy(info->write_pos, Buffer, Count);
+    if (Count)
-    info->write_pos+= Count;
+    {
+      memcpy(info->write_pos, Buffer, Count);
+      info->write_pos+= Count;
+    }
     return 0;
   }
   return _my_b_write(info, Buffer, Count);

libmariadb

@@ -1 +1 @@
-Subproject commit 62427520a5ba20e42fe51f5045062a7a9cadb466
+Subproject commit e38244220646a7e95c9be22576460aa7a4eb715f

mysys/array.c

@@ -138,8 +138,9 @@ void *alloc_dynamic(DYNAMIC_ARRAY *array)
                                         array->size_of_element,
                                         MYF(array->malloc_flags | MY_WME))))
         DBUG_RETURN(0);
-      memcpy(new_ptr, array->buffer,
+      if (array->elements)
-             array->elements * array->size_of_element);
+        memcpy(new_ptr, array->buffer,
+               array->elements * array->size_of_element);
       array->malloc_flags&= ~MY_INIT_BUFFER_USED;
     }
     else if (!(new_ptr=(char*)

mysys/my_alloc.c

@@ -461,7 +461,7 @@ char *strmake_root(MEM_ROOT *root, const char *str, size_t len)
 void *memdup_root(MEM_ROOT *root, const void *str, size_t len)
 {
   char *pos;
-  if ((pos=alloc_root(root,len)))
+  if ((pos=alloc_root(root,len)) && len)
     memcpy(pos,str,len);
   return pos;
 }

plugin/server_audit/server_audit.c

@@ -706,6 +706,8 @@ static char *coll_search(struct user_coll *c, const char *n, size_t len)
 {
   struct user_name un;
   struct user_name *found;
+  if (!c->n_users)
+    return 0;
   un.name_len= len;
   un.name= (char *) n;
   found= (struct user_name*)  bsearch(&un, c->users, c->n_users,
@@ -736,7 +738,8 @@ static int coll_insert(struct user_coll *c, char *n, size_t len)
 
 static void coll_sort(struct user_coll *c)
 {
-  qsort(c->users, c->n_users, sizeof(c->users[0]), cmp_users);
+  if (c->n_users)
+    qsort(c->users, c->n_users, sizeof(c->users[0]), cmp_users);
 }
 
 
@@ -967,7 +970,8 @@ static void get_str_n(char *dest, int *dest_len, size_t dest_size,
   if (src_len >= dest_size)
     src_len= dest_size - 1;
 
-  memcpy(dest, src, src_len);
+  if (src_len)
+    memcpy(dest, src, src_len);
   dest[src_len]= 0;
   *dest_len= (int)src_len;
 }

sql/field.cc

@@ -8446,7 +8446,10 @@ int Field_blob::cmp_binary(const uchar *a_ptr, const uchar *b_ptr,
   b_length=get_length(b_ptr);
   if (b_length > max_length)
     b_length=max_length;
-  diff=memcmp(a,b,MY_MIN(a_length,b_length));
+  if (uint32 len= MY_MIN(a_length,b_length))
+    diff= memcmp(a,b,len);
+  else
+    diff= 0;
   return diff ? diff : (int) (a_length - b_length);
 }
 
@@ -8503,7 +8506,8 @@ uint Field_blob::get_key_image(uchar *buff,uint length, imagetype type_arg)
     length=(uint) blob_length;
   }
   int2store(buff,length);
-  memcpy(buff+HA_KEY_BLOB_LENGTH, blob, length);
+  if (length)
+    memcpy(buff+HA_KEY_BLOB_LENGTH, blob, length);
   return HA_KEY_BLOB_LENGTH+length;
 }
 

sql/handler.h

@@ -584,8 +584,10 @@ struct xid_t {
   void set(long f, const char *g, long gl, const char *b, long bl)
   {
     formatID= f;
-    memcpy(data, g, gtrid_length= gl);
+    if ((gtrid_length= gl))
-    memcpy(data+gl, b, bqual_length= bl);
+      memcpy(data, g, gl);
+    if ((bqual_length= bl))
+      memcpy(data+gl, b, bl);
   }
   void set(ulonglong xid)
   {

sql/item_func.cc

@@ -4882,7 +4882,8 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, uint length,
       length--;					// Fix length change above
       entry->value[length]= 0;			// Store end \0
     }
-    memmove(entry->value, ptr, length);
+    if (length)
+      memmove(entry->value, ptr, length);
     if (type == DECIMAL_RESULT)
       ((my_decimal*)entry->value)->fix_buffer_pointer();
     entry->length= length;

sql/item_sum.cc

@@ -1,5 +1,5 @@
 /* Copyright (c) 2000, 2015, Oracle and/or its affiliates.
-   Copyright (c) 2008, 2015, MariaDB
+   Copyright (c) 2008, 2020, MariaDB
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -464,7 +464,8 @@ Item_sum::Item_sum(THD *thd, Item_sum *item):
     if (!(orig_args= (Item**) thd->alloc(sizeof(Item*)*arg_count)))
       return;
   }
-  memcpy(orig_args, item->orig_args, sizeof(Item*)*arg_count);
+  if (arg_count)
+    memcpy(orig_args, item->orig_args, sizeof(Item*)*arg_count);
   init_aggregator();
   with_distinct= item->with_distinct;
   if (item->aggr)
@@ -1136,7 +1137,8 @@ Item_sum_num::fix_fields(THD *thd, Item **ref)
       check_sum_func(thd, ref))
     return TRUE;
 
-  memcpy (orig_args, args, sizeof (Item *) * arg_count);
+  if (arg_count)
+    memcpy (orig_args, args, sizeof (Item *) * arg_count);
   fixed= 1;
   return FALSE;
 }
@@ -3312,7 +3314,8 @@ Item_func_group_concat(THD *thd, Name_resolution_context *context_arg,
 
   /* orig_args is only used for print() */
   orig_args= (Item**) (order + arg_count_order);
-  memcpy(orig_args, args, sizeof(Item*) * arg_count);
+  if (arg_count)
+    memcpy(orig_args, args, sizeof(Item*) * arg_count);
 }
 
 

sql/mf_iocache_encr.cc

@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2015, MariaDB
+   Copyright (c) 2015, 2020, MariaDB
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -85,7 +85,6 @@ static int my_b_encr_read(IO_CACHE *info, uchar *Buffer, size_t Count)
 
   do
   {
-    size_t copied;
     uint elength, wlength, length;
     uchar iv[MY_AES_BLOCK_SIZE]= {0};
 
@@ -116,11 +115,13 @@ static int my_b_encr_read(IO_CACHE *info, uchar *Buffer, size_t Count)
 
     DBUG_ASSERT(length <= info->buffer_length);
 
-    copied= MY_MIN(Count, (size_t)(length - pos_offset));
+    size_t copied= MY_MIN(Count, (size_t)(length - pos_offset));
-
+    if (copied)
-    memcpy(Buffer, info->buffer + pos_offset, copied);
+    {
-    Count-= copied;
+      memcpy(Buffer, info->buffer + pos_offset, copied);
-    Buffer+= copied;
+      Count-= copied;
+      Buffer+= copied;
+    }
 
     info->read_pos= info->buffer + pos_offset + copied;
     info->read_end= info->buffer + length;

sql/sql_class.cc

@@ -4548,7 +4548,8 @@ extern "C" size_t thd_query_safe(MYSQL_THD thd, char *buf, size_t buflen)
   if (!mysql_mutex_trylock(&thd->LOCK_thd_data))
   {
     len= MY_MIN(buflen - 1, thd->query_length());
-    memcpy(buf, thd->query(), len);
+    if (len)
+      memcpy(buf, thd->query(), len);
     mysql_mutex_unlock(&thd->LOCK_thd_data);
   }
   buf[len]= '\0';

sql/sql_join_cache.cc

@@ -1395,7 +1395,8 @@ uint JOIN_CACHE::write_record_data(uchar * link, bool *is_full)
 	blob_field->get_image(cp, copy->length, 
 			      blob_field->charset());
         DBUG_ASSERT(cp + copy->length + copy->blob_length <= buff + buff_size);
-	memcpy(cp+copy->length, copy->str, copy->blob_length);               
+        if (copy->blob_length)
+          memcpy(cp+copy->length, copy->str, copy->blob_length);
 	cp+= copy->length+copy->blob_length;
       }
       break;

sql/sql_select.cc

@@ -26064,10 +26064,10 @@ JOIN::reoptimize(Item *added_where, table_map join_tables,
   if (save_to)
   {
     DBUG_ASSERT(!keyuse.elements);
-    memcpy(keyuse.buffer,
-           save_to->keyuse.buffer,
-           (size_t) save_to->keyuse.elements * keyuse.size_of_element);
     keyuse.elements= save_to->keyuse.elements;
+    if (size_t e= keyuse.elements)
+      memcpy(keyuse.buffer,
+             save_to->keyuse.buffer, e * keyuse.size_of_element);
   }
 
   /* Add the new access methods to the keyuse array. */

sql/sql_string.cc

@@ -1,5 +1,5 @@
 /* Copyright (c) 2000, 2013, Oracle and/or its affiliates.
-   Copyright (c) 2016, MariaDB
+   Copyright (c) 2016, 2020, MariaDB
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -175,8 +175,8 @@ bool String::copy(const String &str)
 {
   if (alloc(str.str_length))
     return TRUE;
-  str_length=str.str_length;
+  if ((str_length=str.str_length))
-  bmove(Ptr,str.Ptr,str_length);		// May be overlapping
+    bmove(Ptr,str.Ptr,str_length);		// May be overlapping
   Ptr[str_length]=0;
   str_charset=str.str_charset;
   return FALSE;
@@ -539,8 +539,11 @@ bool String::append_ulonglong(ulonglong val)
 
 bool String::append(const char *s,uint32 arg_length, CHARSET_INFO *cs)
 {
+  if (!arg_length)
+    return false;
+
   uint32 offset;
-  
+
   if (needs_conversion(arg_length, cs, str_charset, &offset))
   {
     uint32 add_length;

sql/table.h

@@ -2924,7 +2924,8 @@ inline void mark_as_null_row(TABLE *table)
 {
   table->null_row=1;
   table->status|=STATUS_NULL_ROW;
-  bfill(table->null_flags,table->s->null_bytes,255);
+  if (table->s->null_bytes)
+    bfill(table->null_flags,table->s->null_bytes,255);
 }
 
 bool is_simple_order(ORDER *order);

sql/unireg.cc

@@ -921,8 +921,11 @@ static bool pack_fields(uchar **buff_arg, List<Create_field> &create_fields,
     it.rewind();
     while ((field=it++))
     {
-      memcpy(buff, field->comment.str, field->comment.length);
+      if (size_t l= field->comment.length)
-      buff+= field->comment.length;
+      {
+        memcpy(buff, field->comment.str, l);
+        buff+= l;
+      }
     }
   }
   *buff_arg= buff;

sql/unireg.h

@@ -78,7 +78,8 @@
 #define cmp_record(A,B) memcmp((A)->record[0],(A)->B,(size_t) (A)->s->reclength)
 #define empty_record(A) { \
                           restore_record((A),s->default_values); \
-                          bfill((A)->null_flags,(A)->s->null_bytes,255);\
+                          if ((A)->s->null_bytes) \
+                            bfill((A)->null_flags,(A)->s->null_bytes,255); \
                         }
 
 	/* Defines for use with openfrm, openprt and openfrd */

storage/myisam/mi_key.c

@@ -144,8 +144,11 @@ uint _mi_make_key(register MI_INFO *info, uint keynr, uchar *key,
       set_if_smaller(length,tmp_length);
       FIX_LENGTH(cs, pos, length, char_length);
       store_key_length_inc(key,char_length);
-      memcpy((uchar*) key,(uchar*) pos,(size_t) char_length);
+      if (char_length)
-      key+= char_length;
+      {
+        memcpy(key, pos, char_length);
+        key+= char_length;
+      }
       continue;
     }
     else if (keyseg->flag & HA_SWAP_KEY)

storage/perfschema/pfs_setup_object.cc

@@ -144,12 +144,18 @@ static void set_setup_object_key(PFS_setup_object_key *key,
   char *ptr= &key->m_hash_key[0];
   ptr[0]= (char) object_type;
   ptr++;
-  memcpy(ptr, schema, schema_length);
+  if (schema_length)
-  ptr+= schema_length;
+  {
+    memcpy(ptr, schema, schema_length);
+    ptr+= schema_length;
+  }
   ptr[0]= 0;
   ptr++;
-  memcpy(ptr, object, object_length);
+  if (object_length)
-  ptr+= object_length;
+  {
+    memcpy(ptr, object, object_length);
+    ptr+= object_length;
+  }
   ptr[0]= 0;
   ptr++;
   key->m_key_length= (uint)(ptr - &key->m_hash_key[0]);

strings/ctype-bin.c

@@ -1,6 +1,6 @@
 /* Copyright (c) 2002-2007 MySQL AB & tommy@valley.ne.jp
    Copyright (c) 2002, 2014, Oracle and/or its affiliates.
-   Copyright (c) 2009, 2014, SkySQL Ab.
+   Copyright (c) 2009, 2020, MariaDB Corporation.
    
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Library General Public
@@ -399,7 +399,7 @@ my_strnxfrm_8bit_bin(CHARSET_INFO *cs,
 {
   set_if_smaller(srclen, dstlen);
   set_if_smaller(srclen, nweights);
-  if (dst != src)
+  if (srclen && dst != src)
     memcpy(dst, src, srclen);
   return my_strxfrm_pad_desc_and_reverse(cs, dst, dst + srclen, dst + dstlen,
                                          (uint)(nweights - srclen), flags, 0);

strings/ctype-tis620.c

@@ -553,9 +553,11 @@ int my_strnncollsp_tis620(CHARSET_INFO * cs __attribute__((unused)),
     alloced= a= (uchar*) my_malloc(a_length+b_length+2, MYF(MY_FAE));
   
   b= a + a_length+1;
-  memcpy((char*) a, (char*) a0, a_length);
+  if (a_length)
+    memcpy((char*) a, (char*) a0, a_length);
   a[a_length]= 0;	/* if length(a0)> len1, need to put 'end of string' */
-  memcpy((char *)b, (char *)b0, b_length);
+  if (b_length)
+    memcpy((char *)b, (char *)b0, b_length);
   b[b_length]= 0;	/* put end of string */
   a_length= thai2sortable(a, a_length);
   b_length= thai2sortable(b, b_length);