gl_array_list.c:452:29: runtime error: applying zero offset to null pointer

[Paweł Krawczyk]

Hello, I'm running an application using gl_array_list under clang ASAN and 
getting the following complaints:

gl_array_list.c:452:29: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior gl_array_list.c:452:29 
in
gl_array_list.c:453:29: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior gl_array_list.c:453:29 
in

Linest 452-453 are gl_array_list.c:

  result.p = list->elements + 0;
  result.q = list->elements + list->count;

And indeed, when inspected I found out that the list passed to the iterator was 
empty. A simple check using
gl_list_size() prior to calling the iterator solved the problem in my program 
but maybe that should be also
implemented inside the iterator.


The broader context:

static gl_list_iterator_t _GL_ATTRIBUTE_PURE
gl_array_iterator (gl_list_t list)
{
  gl_list_iterator_t result;

  result.vtable = list->base.vtable;
  result.list = list;
  result.count = list->count;
  result.p = list->elements + 0;
  result.q = list->elements + list->count;
#if defined GCC_LINT || defined lint
  result.i = 0;
  result.j = 0;
#endif

  return result;
}

The command used to compile along with ASAN options:

libtool: compile:  clang -DHAVE_CONFIG_H -I. -I.. -g -O2 -fstack-protector-all 
-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -O0 -ggdb -fstack-protector-all 
-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fsanitize=address -fsanitize=undefined 
-fsanitize=leak -fsanitize-address-use-after-scope -fcf-protection=full -MT 
gl_array_list.lo -MD -MP -MF .deps/gl_array_list.Tpo -c gl_array_list.c  -fPIC 
-DPIC -o .libs/gl_array_list.o


-- 
Pawel Krawczyk
pawel.krawczyk@hush.com +44 7879 180015
CISSP, OWASP, MBCS, CESG SIRA