From c402551277239098e2da98e223ddd67d061ae2a7 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich
Date: Mon, 14 Mar 2022 13:14:12 +0100
Subject: vm: fix crash on object literals with non-string computed properties

When executing an object literal declaration using non-string computed property name values, the VM crashed caused by an attempt to use a NULL pointer (result of ucv_string_get() on a non-string value) as hash table key. Fix this issue by using the `ucv_key_set()` infrastructure which deals with the implicit stringification of non-string key values.

Signed-off-by: Jo-Philipp Wich
---
 vm.c | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
(limited to 'vm.c')
diff --git a/vm.c b/vm.c
index b6a0a26..0c756d7 100644
--- a/vm.c
+++ b/vm.c
@@ -1804,15 +1804,12 @@ static void
 uc_vm_insn_sobj(uc_vm_t *vm, uc_vm_insn_t insn)
 {
 uc_value_t *obj = uc_vm_stack_peek(vm, vm->arg.u32);
- uc_value_t *val;
 size_t idx;
- for (idx = 0; idx < vm->arg.u32; idx += 2) {
- val = uc_vm_stack_peek(vm, vm->arg.u32 - idx - 1);
- ucv_object_add(obj,
- ucv_string_get(val),
- ucv_get(uc_vm_stack_peek(vm, vm->arg.u32 - idx - 2)));
- }
+ for (idx = 0; idx < vm->arg.u32; idx += 2)
+ ucv_key_set(vm, obj,
+ uc_vm_stack_peek(vm, vm->arg.u32 - idx - 1),
+ uc_vm_stack_peek(vm, vm->arg.u32 - idx - 2));
 for (idx = 0; idx < vm->arg.u32; idx++)
 ucv_put(uc_vm_stack_pop(vm));
-- cgit v1.2.3
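Review bot: The new `ucv_key_set()` call in the first loop discards its return value and no longer takes the explicit `ucv_get()` reference on the value that the removed `ucv_object_add()` call did, while the second loop still releases every stack slot with `ucv_put()`. `ucv_key_set()` is not visible in this hunk, so the refcount balance on both its success and failure paths should be confirmed; once it is, a comment above the call would record the contract, e.g. `/* ucv_key_set() stringifies the key and handles the value reference itself; result intentionally unused */`. Because the crash was a NULL key pointer reachable from script source, a regression test covering numeric, null and object computed keys would pin the fix, and the diffstat shows only vm.c touched. The function's closing brace lies outside the hunk.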