summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorkhorimoto@chromium.org <khorimoto@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-03-28 02:14:44 +0000
committerkhorimoto@chromium.org <khorimoto@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-03-28 02:14:44 +0000
commit1c204e0f2fe0882ab1d3d5a61c3d613afd0fbc95 (patch)
treec390dbd95123ce27a41ef3f4b16747b14264c2f1 /net
parent177154bca217a66fb61e5667b715961984195e62 (diff)
downloadchromium_src-1c204e0f2fe0882ab1d3d5a61c3d613afd0fbc95.zip
chromium_src-1c204e0f2fe0882ab1d3d5a61c3d613afd0fbc95.tar.gz
chromium_src-1c204e0f2fe0882ab1d3d5a61c3d613afd0fbc95.tar.bz2
Disallowed a NULL pointer from being passed as the second argument to memcpy(), which is undefined behavior.
CID=103649 BUG=NONE TEST=NONE Review URL: http://codereview.chromium.org/9872001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@129346 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/spdy/spdy_framer.cc8
1 files changed, 5 insertions, 3 deletions
diff --git a/net/spdy/spdy_framer.cc b/net/spdy/spdy_framer.cc
index faa2893..98117ac 100644
--- a/net/spdy/spdy_framer.cc
+++ b/net/spdy/spdy_framer.cc
@@ -178,7 +178,7 @@ void SpdyFramer::Reset() {
}
if (current_frame_capacity_ != initial_size) {
delete [] current_frame_buffer_;
- current_frame_buffer_ = 0;
+ current_frame_buffer_ = NULL;
current_frame_capacity_ = 0;
ExpandControlFrameBuffer(initial_size);
}
@@ -939,8 +939,10 @@ void SpdyFramer::ExpandControlFrameBuffer(size_t size) {
if (alloc_size <= current_frame_capacity_)
return;
char* new_buffer = new char[alloc_size];
- memcpy(new_buffer, current_frame_buffer_, current_frame_len_);
- delete [] current_frame_buffer_;
+ if (current_frame_buffer_ != NULL) {
+ memcpy(new_buffer, current_frame_buffer_, current_frame_len_);
+ delete [] current_frame_buffer_;
+ }
current_frame_capacity_ = alloc_size;
current_frame_buffer_ = new_buffer;
}
generated by cgit v1.1 at 2024-10-28 18:38:45 +0000