File _service:obs_scm:backport-dbus-socket-protect-a... of Package dbus-broker

File _service:obs_scm:backport-dbus-socket-protect-against-no-op-arithmetic-on-NULL-pointers.patch of Package dbus-broker

From 09836cbf0c5fc1074996274054aaec906b5753b2 Mon Sep 17 00:00:00 2001
From: David Rheinsberg <david@readahead.eu>
Date: Tue, 30 Jul 2024 15:01:56 +0200
Subject: [PATCH] dbus/socket: protect against no-op arithmetic on NULL
 pointers
 
The socket layer assumes that computing `NULL + 0` produces `NULL`.
Unfortunately, this is UB. Protect against this pointer arithmetic and
ensure we correctly skip empty IOVs when consuming socket buffers.
 
Reported-by: Frantisek Sumsal <frantisek@sumsal.cz>
Signed-off-by: David Rheinsberg <david@readahead.eu>
 
Conflict:NA
Reference:https://github.com/bus1/dbus-broker/commit/09836cbf0c5fc1074996274054aaec906b5753b2
---
 src/dbus/socket.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
 
diff --git a/src/dbus/socket.c b/src/dbus/socket.c
index 85eedda2..928afcbe 100644
--- a/src/dbus/socket.c
+++ b/src/dbus/socket.c
@@ -173,9 +173,13 @@ static bool socket_buffer_consume(SocketBuffer *buffer, size_t n) {
 
         for ( ; !socket_buffer_is_consumed(buffer); ++buffer->writer) {
                 t = c_min(buffer->writer->iov_len, n);
-                buffer->writer->iov_len -= t;
-                buffer->writer->iov_base += t;
-                n -= t;
+                // IOVs can be empty/NULL. Ensure we do not calculate
+                // `NULL + 0`, as this is, unfortunately, UB.
+                if (t) {
+                        buffer->writer->iov_len -= t;
+                        buffer->writer->iov_base += t;
+                        n -= t;
+                }
                 if (buffer->writer->iov_len)
                         break;
         }