Avoid 0-length memcpy to NULL with EXEC_BACKEND

hlinnaka · hlinnaka · commit f3412a61f3f9 · 2024-07-03T15:58:14.000+03:00
memcpy(NULL, src, 0) is forbidden by POSIX, even though every production version of libc allows it. Let's be tidy. Per report from Thomas Munro, running UBSan with EXEC_BACKEND. Backpatch to v17, where this code was added. Discussion: https://www.postgresql.org/message-id/CA%2BhUKG%2Be-dV7YWBzfBZXsgovgRuX5VmvmOT%2Bv0aXiZJ-EKbXcw@mail.gmail.com
diff --git a/src/backend/postmaster/launch_backend.c b/src/backend/postmaster/launch_backend.c
@@ -762,7 +762,8 @@ save_backend_variables(BackendParameters *param, ClientSocket *client_sock,
 	strlcpy(param->pkglib_path, pkglib_path, MAXPGPATH);
 
 	param->startup_data_len = startup_data_len;
-	memcpy(param->startup_data, startup_data, startup_data_len);
+	if (startup_data_len > 0)
+		memcpy(param->startup_data, startup_data, startup_data_len);
 
 	return true;
 }

Original file line number	Diff line number	Diff line change
`@@ -762,7 +762,8 @@ save_backend_variables(BackendParameters param, ClientSocket client_sock,`
`762`	`762`	`strlcpy(param->pkglib_path, pkglib_path, MAXPGPATH);`
`763`	`763`
`764`	`764`	`param->startup_data_len = startup_data_len;`
`765`		`- memcpy(param->startup_data, startup_data, startup_data_len);`
	`765`	`+ if (startup_data_len > 0)`
	`766`	`+ memcpy(param->startup_data, startup_data, startup_data_len);`
`766`	`767`
`767`	`768`	`return true;`
`768`	`769`	`}`