From 1c204e0f2fe0882ab1d3d5a61c3d613afd0fbc95 Mon Sep 17 00:00:00 2001
From: "khorimoto@chromium.org"
 <khorimoto@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Wed, 28 Mar 2012 02:14:44 +0000
Subject: Disallowed a NULL pointer from being passed as the second argument to
 memcpy(), which is undefined behavior.

CID=103649
BUG=NONE
TEST=NONE


Review URL: http://codereview.chromium.org/9872001

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@129346 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/spdy/spdy_framer.cc | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/net/spdy/spdy_framer.cc b/net/spdy/spdy_framer.cc
index faa2893..98117ac 100644
--- a/net/spdy/spdy_framer.cc
+++ b/net/spdy/spdy_framer.cc
@@ -178,7 +178,7 @@ void SpdyFramer::Reset() {
   }
   if (current_frame_capacity_ != initial_size) {
     delete [] current_frame_buffer_;
-    current_frame_buffer_ = 0;
+    current_frame_buffer_ = NULL;
     current_frame_capacity_ = 0;
     ExpandControlFrameBuffer(initial_size);
   }
@@ -939,8 +939,10 @@ void SpdyFramer::ExpandControlFrameBuffer(size_t size) {
   if (alloc_size <= current_frame_capacity_)
     return;
   char* new_buffer = new char[alloc_size];
-  memcpy(new_buffer, current_frame_buffer_, current_frame_len_);
-  delete [] current_frame_buffer_;
+  if (current_frame_buffer_ != NULL) {
+    memcpy(new_buffer, current_frame_buffer_, current_frame_len_);
+    delete [] current_frame_buffer_;
+  }
   current_frame_capacity_ = alloc_size;
   current_frame_buffer_ = new_buffer;
 }
-- 
cgit v1.1