From 7b2895271d43c897021feb7d205621cd1048c514 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
Date: Thu, 13 Feb 2025 05:27:13 +0100
Subject: [PATCH] synaptics: Do not call memcpy with NULL data

../libfprint/drivers/synaptics/bmkt_message.c:260:5: runtime error: null pointer passed as argument 2, which is declared to never be null
    #0 0x7fd21f154592 in bmkt_compose_message ../libfprint/drivers/synaptics/bmkt_message.c:260
    #1 0x7fd21f14596c in synaptics_sensor_cmd ../libfprint/drivers/synaptics/synaptics.c:417
    #2 0x7fd21f14d93f in dev_probe ../libfprint/drivers/synaptics/synaptics.c:1329
    #3 0x7fd21f0ca61d in device_idle_probe_cb ../libfprint/fp-device.c:375
    #4 0x7fd21f21a431 in timeout_dispatch ../libfprint/fpi-device.c:336
    #5 0x7fd2269cf70b in g_main_dispatch ../../glib/glib/gmain.c:3373
    #6 0x7fd2269d18de in g_main_context_dispatch_unlocked ../../glib/glib/gmain.c:4224
    #7 0x7fd2269d18de in g_main_context_iterate_unlocked ../../glib/glib/gmain.c:4289
    #8 0x7fd2269d1fef in g_main_context_iteration ../../glib/glib/gmain.c:4354
    #9 0x7fd21f0c5a85 in fp_context_enumerate ../libfprint/fp-context.c:575
---
 libfprint/drivers/synaptics/bmkt_message.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libfprint/drivers/synaptics/bmkt_message.c b/libfprint/drivers/synaptics/bmkt_message.c
index bace95ce..d297156c 100644
--- a/libfprint/drivers/synaptics/bmkt_message.c
+++ b/libfprint/drivers/synaptics/bmkt_message.c
@@ -256,7 +256,8 @@ bmkt_compose_message (uint8_t *cmd, int *cmd_len, uint8_t msg_id, uint8_t seq_nu
   cmd[BMKT_MESSAGE_SEQ_NUM_FIELD] = seq_num;
   cmd[BMKT_MESSAGE_ID_FIELD] = msg_id;
   cmd[BMKT_MESSAGE_PAYLOAD_LEN_FIELD] = payload_size;
-  memcpy (&cmd[BMKT_MESSAGE_PAYLOAD_FIELD], payload, payload_size);
+  if (payload_size > 0)
+    memcpy (&cmd[BMKT_MESSAGE_PAYLOAD_FIELD], payload, payload_size);
 
   *cmd_len = message_len;