types: fix uninitialized memory on setting non-contiguous array indexes

When ucode sets array indexes far after the array end so that a realloc() is triggered interally, the memory between the last existing array element and the newly set one was left uninitialized, leading to random segmentation faults, infinite loops or other invalid memory access symptoms. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
author: Jo-Philipp Wich <jo@mein.io> 2021-05-20 19:49:23 +0200
committer: Jo-Philipp Wich <jo@mein.io> 2021-05-20 19:49:23 +0200
commit: 54ca3aa25f5dd551d974724524b5f0958da35b34 (patch)
tree: fc907240c0455f07fb6357f3aff1c9eca39cd13b /types.c
parent: cbc0d78816df398364c1aeec9c36f10bf6cf8e28 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/types.c b/types.c
index af56320..b1172eb 100644
--- a/types.c
+++ b/types.c
@@ -699,13 +699,18 @@ bool
 ucv_array_set(uc_value_t *uv, size_t index, uc_value_t *item)
 {
 	uc_array_t *array = (uc_array_t *)uv;
+	size_t old_count;
 
 	if (ucv_type(uv) != UC_ARRAY)
 		return false;
 
 	if (index >= array->count) {
+		old_count = array->count;
 		array->count = index + 1;
 		uc_vector_grow(array);
+
+		while (old_count < array->count)
+			array->entries[old_count++] = NULL;
 	}
 	else {
 		ucv_put(array->entries[index]);
author	Jo-Philipp Wich <jo@mein.io>	2021-05-20 19:49:23 +0200
committer	Jo-Philipp Wich <jo@mein.io>	2021-05-20 19:49:23 +0200
commit	54ca3aa25f5dd551d974724524b5f0958da35b34 (patch)
tree	fc907240c0455f07fb6357f3aff1c9eca39cd13b /types.c
parent	cbc0d78816df398364c1aeec9c36f10bf6cf8e28 (diff)