mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-05-17 20:37:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

mroonga: undefined behaviour fix

Browse source 
The value of dv[0].data being null showed up
in the mtr tests:

mroonga/storage.alter_table_fulltext_add_no_primary_key

as:

/source/storage/mroonga/vendor/groonga/lib/ii.c:2052:37: runtime error: applying non-zero offset 28 to null pointer

Correct this by entrying the if condition on null pointer value.

The free is valid, and the data of size is allocated.
This commit is contained in:
Daniel Black 2025-03-28 18:12:24 +11:00 committed by Sergei Golubchik
commit b316a7135b
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
storage/mroonga/vendor/groonga/lib/ii.c vendored
View file

@ -2049,7 +2049,7 @@ grn_p_decv(grn_ctx *ctx, uint8_t *data, uint32_t data_size, datavec *dv, uint32_
if ((df & 1)) {
df >>= 1;
size = nreq == dvlen ? data_size : df * nreq;
if (dv[dvlen].data < dv[0].data + size) {
if (!dv[0].data || dv[dvlen].data < dv[0].data + size) {
if (dv[0].data) { GRN_FREE(dv[0].data); }
if (!(rp = GRN_MALLOC(size * sizeof(uint32_t)))) { return 0; }
dv[dvlen].data = rp + size;
@ -10653,7 +10653,7 @@ grn_ii_builder_options_fix(grn_ii_builder_options *options)
}
#define GRN_II_BUILDER_TERM_INPLACE_SIZE\
(sizeof(grn_ii_builder_term) - (uintptr_t)&((grn_ii_builder_term *)0)->dummy)
(sizeof(grn_ii_builder_term) - offsetof(grn_ii_builder_term, dummy))
typedef struct {
grn_id rid; /* Last record ID */