From 051ae7c282b5487a0dfb5214b9855cd45066c813 Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Mon, 16 May 2022 11:07:26 -0400 Subject: Improve handling of replacing stream data with empty strings When an empty string was passed to replaceStreamData, the code was passing a null pointer to memcpy. Since a 0 size was also passed, this was harmless, but it triggers sanitizer errors. The code properly handles a null pointer as the buffer in other places. --- libqpdf/QPDFObjectHandle.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'libqpdf/QPDFObjectHandle.cc') diff --git a/libqpdf/QPDFObjectHandle.cc b/libqpdf/QPDFObjectHandle.cc index 10fb153c..4a61f595 100644 --- a/libqpdf/QPDFObjectHandle.cc +++ b/libqpdf/QPDFObjectHandle.cc @@ -1468,7 +1468,9 @@ QPDFObjectHandle::replaceStreamData( assertStream(); auto b = std::make_shared(data.length()); unsigned char* bp = b->getBuffer(); - memcpy(bp, data.c_str(), data.length()); + if (bp) { + memcpy(bp, data.c_str(), data.length()); + } dynamic_cast(obj.get())->replaceStreamData( b, filter, decode_parms); } -- cgit v1.2.3-54-g00ecf