Undefined behavior with fwrite in write_counted_string
Description
While testing Xfce and its dependencies with UndefinedBehaviorSanitizer, I triggered the following warning:
authutil.c:492:9: runtime error: null pointer passed as argument 1, which is declared to never be null
#0 0x72b5cdb0103c in write_counted_string libice/src/authutil.c:492
#1 0x72b5cdb028bc in IceWriteAuthFileEntry libice/src/authutil.c:315
#2 0x5d9f40e3d477 in write_auth_file iceauth/process.c:655
#3 0x5d9f40e3d477 in auth_finalize iceauth/process.c:695
#4 0x5d9f40e35d14 in main iceauth/iceauth.c:161
#5 0x72b5cd234e07 (/usr/lib/libc.so.6+0x25e07)
#6 0x72b5cd234ecb in __libc_start_main (/usr/lib/libc.so.6+0x25ecb)
#7 0x5d9f40e35504 in _start (/usr/bin/iceauth+0x18504)
I verified that auth->protocol_data
is NULL (and auth->protocol_data_length
is 0) in IceWriteAuthFileEntry
with some debug prints here:
315 if (!write_counted_string (auth_file,
316 auth->protocol_data_length, auth->protocol_data))
317 return (0);
I was able to reproduce the warning with and without the patch from !20 (merged).
Version info
- 296eff6b compiled on Arch Linux