authorJo-Philipp Wich <jo@mein.io>2021-05-20 19:49:23 +0200
committerJo-Philipp Wich <jo@mein.io>2021-05-20 19:49:23 +0200
commit54ca3aa25f5dd551d974724524b5f0958da35b34 (patch)
treefc907240c0455f07fb6357f3aff1c9eca39cd13b
parentcbc0d78816df398364c1aeec9c36f10bf6cf8e28 (diff)
types: fix uninitialized memory on setting non-contiguous array indexes
When ucode sets array indexes far beyond the current array end so that a realloc() is triggered internally, the memory between the last existing array element and the newly set one was left uninitialized, leading to random segmentation faults, infinite loops or other invalid memory access symptoms. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r--types.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/types.c b/types.c
index af56320..b1172eb 100644
--- a/types.c
+++ b/types.c
@@ -699,13 +699,18 @@ bool
ucv_array_set(uc_value_t *uv, size_t index, uc_value_t *item)
{
uc_array_t *array = (uc_array_t *)uv;
+ size_t old_count;
if (ucv_type(uv) != UC_ARRAY)
return false;
if (index >= array->count) {
+ old_count = array->count;
array->count = index + 1;
uc_vector_grow(array);
+
+ while (old_count < array->count)
+ array->entries[old_count++] = NULL;
}
else {
ucv_put(array->entries[index]);
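Review bot: `array->count = index + 1` wraps to zero when index is SIZE_MAX, so the new fill loop runs zero times, uc_vector_grow() is asked for nothing, and the store to `array->entries[index]` that follows the hunk lands outside the buffer; a guard before the branch, `if (index == SIZE_MAX) return false;`, closes that path, and whether an index that large can actually reach this function depends on how callers convert script numbers to size_t, which is not visible here. The NULL fill is also only correct if uc_vector_grow() reserves capacity for the whole new count rather than one extra chunk, so it is worth confirming that against the macro in the vector header and noting it in a comment such as `/* grow reserves up to count; NULL the gap so the new slots are valid ucv_put() targets */`. ucv_array_set() continues past the end of the hunk.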