diff options
author | Gavin Howard <gavin@yzena.com> | 2021-07-27 09:21:36 -0600 |
---|---|---|
committer | Gavin Howard <gavin@yzena.com> | 2021-07-27 09:22:18 -0600 |
commit | be2f6afca3336fd6de0163c9c5b9c25707d4d067 (patch) | |
tree | 1fcaed6c0cf24d411ea43dc6f9a30a716eb1a4d2 /src | |
parent | 43233b88c802596e3be13bbe5ee4a3350df178eb (diff) | |
download | platform_external_bc-be2f6afca3336fd6de0163c9c5b9c25707d4d067.tar.gz platform_external_bc-be2f6afca3336fd6de0163c9c5b9c25707d4d067.tar.bz2 platform_external_bc-be2f6afca3336fd6de0163c9c5b9c25707d4d067.zip |
Fix a crash found by AFL++
This was caused by not copying numbers properly when copying arrays as
function arguments. Easy fix.
Signed-off-by: Gavin Howard <gavin@yzena.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/lang.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -38,6 +38,7 @@ #include <string.h> #include <lang.h> +#include <program.h> #include <vm.h> void bc_const_free(void *constant) { @@ -185,7 +186,10 @@ void bc_array_copy(BcVec *d, const BcVec *s) { assert(d != NULL && s != NULL); assert(d != s && d->size == s->size && d->dtor == s->dtor); - // Make sure to destroy everything currently in d. + // Make sure to destroy everything currently in d. This will put a lot of + // temps on the reuse list, so allocating later is not going to be as + // expensive as it seems. Also, it makes it easier to copy numbers that are + // strings. bc_vec_popAll(d); // Preexpand. @@ -200,7 +204,8 @@ void bc_array_copy(BcVec *d, const BcVec *s) { snum = bc_vec_item(s, i); // We have to create a copy of the number as well. - bc_num_createCopy(dnum, snum); + if (BC_PROG_STR(snum)) memcpy(dnum, snum, sizeof(BcNum)); + else bc_num_createCopy(dnum, snum); } } |