src: fix use-after-return in zlib bindings

Pointed out by Coverity. Introduced in commit 5b8e1da from September 2011 ("Initial pass at zlib bindings".) The asynchronous version of Write() used a pointer to a stack-allocated buffer on flush. A mitigating factor is that zlib does not dereference the pointer for zero-sized writes but it's still technically UB. PR-URL: #7374 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
nodejs · Jul 12, 2016 · 8be9d0a · 8be9d0a
1 parent b3811fd
commit 8be9d0a
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/src/node_zlib.cc b/src/node_zlib.cc
@@ -145,8 +145,7 @@ class ZCtx : public AsyncWrap {
 
     if (args[1]->IsNull()) {
       // just a flush
-      Bytef nada[1] = { 0 };
-      in = nada;
+      in = nullptr;
       in_len = 0;
       in_off = 0;
     } else {