snac2

Fork of https://codeberg.org/grunfink/snac2
git clone https://git.inz.fi/snac2
Log | Files | Refs | README | LICENSE
commit 6d82708fbda83138bbb647e4cd3e8f8856084f44
parent d40834edd1aa9d4fdb7cbcacb20edfe11734293f
Author: Santtu Lakkala <inz@inz.fi>
Date:   Thu, 20 Feb 2025 16:23:11 +0200

Fix uninitialised memory access

Avoid calling xs_type() on uninitialised memory when xs_extend() is
called with NULL data.

Diffstat:

Mxs.h | 7++++---


1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/xs.h b/xs.h
@@ -398,6 +398,7 @@ xs_val *xs_dup(const xs_val *data)
 xs_val *xs_expand(xs_val *data, int offset, int size)
 /* opens a hole in data */
 {
+    xstype type = xs_type(data);
     int sz = xs_size(data);
     int n;
 
@@ -410,9 +411,9 @@ xs_val *xs_expand(xs_val *data, int offset, int size)
     for (n = sz - 1; n >= offset + size; n--)
         data[n] = data[n - size];
 
-    if (xs_type(data) == XSTYPE_LIST ||
-        xs_type(data) == XSTYPE_DICT ||
-        xs_type(data) == XSTYPE_DATA)
+    if (type == XSTYPE_LIST ||
+        type == XSTYPE_DICT ||
+        type == XSTYPE_DATA)
         _xs_put_size(data, sz);
 
     return data;