NULL pointer passed as an argument to a nonnull parameter #465
Description
test.c line 4042 to 4044 :
char *
create_large_chunked_message (int body_size_in_kb, const char* headers)
{
int i;
size_t wrote = 0;
size_t headers_len = strlen(headers);
size_t bufsize = headers_len + (5+1024+2)*body_size_in_kb + 6;
char * buf = malloc(bufsize);memcpy(buf, headers, headers_len);
wrote += headers_len;for (i = 0; i < body_size_in_kb; i++) {
// write 1kb chunk into the body.
memcpy(buf + wrote, "400\r\n", 5);
wrote += 5;
memset(buf + wrote, 'C', 1024);
wrote += 1024;
strcpy(buf + wrote, "\r\n");
wrote += 2;
}memcpy(buf + wrote, "0\r\n\r\n", 6);
wrote += 6;
assert(wrote == bufsize);return buf;
}
if the "malloc" function return 0, the following "memcpy" function would received a NULL pointer arg. This may happen under some extreme conditions.