UBSan: "null pointer passed as argument 1, which is declared to never be null" error in ulocimp_getLanguage, ulocimp_getScript, ulocimp_getCountry

Description

Reported in <https://bugzilla.mozilla.org/show_bug.cgi?id=1636596>.

All three of ulocimp_getLanguage, ulocimp_getScript, and ulocimp_getCountry call uprv_memcpy, which in turn internally calls memcpy. And the destination and source pointers passed to memcpy mustn't be nullptr, even if the number of bytes to be copied is zero. While nullptr is allowed as a non-standard extension in some environments, UBSan complains about this usage.

Activity

Markus Scherer
May 27, 2020, 5:56 PM

Useful principle: uprv_function behaves like function itself, so should check outside.

Rich: If this were common, we could add another function that wraps zero-length check plus memcpy.

Jeff Genovy
May 27, 2020, 6:03 PM

Fredrik pointed out that there is already an existing ticket for examining/fixing the locale code’s memory management here:

I’ll take this ticket for Markus' proposal: Add the assert (for debug mode), and change the ulocimp_* functions to check before calling uprv_memcpy.

Jeff Genovy
August 19, 2020, 8:15 PM

Hey , do you think you might be able to take a look at this ticket (once you get done with other bugs)?
I think this one might be a good ticket for you to investigate and get more familiar with ICU.
We can sync up later to chat more about it, and I can help you get set up to work on it.

Erik Torres Aguilar
August 19, 2020, 8:40 PM

Sounds great! I will take a look at it and hopefully we can chat about it later!

Jeff Genovy
August 19, 2020, 8:41 PM

Awesome! -- I’ll assign this ticket over to you and set myself as the reviewer.
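The zero-length check discussed in this ticket, sketched as an added example that is not ICU's code: `checked_memcpy` and `get_language_subtag` are hypothetical names, and the preflight call with a null buffer and zero capacity is an assumed caller pattern.

```c
#include <assert.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical wrapper: return before memcpy when there is nothing to copy,
 * so a NULL dst or src paired with n == 0 never reaches memcpy. */
static void *checked_memcpy(void *dst, const void *src, size_t n) {
    if (n == 0) {
        return dst;
    }
    /* Debug-mode assert: a non-zero copy with a NULL pointer is a caller bug. */
    assert(dst != NULL && src != NULL);
    return memcpy(dst, src, n);
}

/* True for characters that end the leading subtag of a locale ID. */
static int is_subtag_end(char c) {
    return c == '\0' || c == '_' || c == '-' || c == '@' || c == '.';
}

/* Hypothetical stand-in for a subtag getter (assumption, not ICU's code).
 * Copies the leading language subtag into dest and returns its full length,
 * so a caller can preflight with dest == NULL and capacity == 0. */
static size_t get_language_subtag(const char *locale, char *dest, size_t capacity) {
    size_t len = 0;
    while (!is_subtag_end(locale[len])) {
        len++;
    }
    size_t to_copy = len < capacity ? len : capacity;
    checked_memcpy(dest, locale, to_copy);   /* safe when dest is NULL and to_copy is 0 */
    if (len < capacity) {
        dest[len] = '\0';                    /* terminate only when there is room */
    }
    return len;
}

int main(void) {
    char buf[8];                             /* constructed sample input below */
    size_t needed = get_language_subtag("de_DE", NULL, 0);   /* preflight call */
    size_t written = get_language_subtag("de_DE", buf, sizeof buf);
    return (needed == 2 && written == 2 && strcmp(buf, "de") == 0) ? 0 : 1;
}
```

Built with `-fsanitize=undefined` against a libc that declares memcpy's pointer arguments nonnull, swapping `checked_memcpy` for a direct `memcpy` call makes the preflight call report the error quoted in the ticket title.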

Assignee

Erik Torres Aguilar

Reporter

André Bargull

Components

Labels

None

Reviewer

Jeff Genovy

Priority

assess

Time Needed

None

Fix versions
