diff options
| author | Mike Pall <mike> | 2022-12-07 17:19:29 +0100 |
|---|---|---|
| committer | Mike Pall <mike> | 2022-12-07 17:19:29 +0100 |
| commit | cc96ab9d513582703f8663a8775a935b56db32b7 (patch) | |
| tree | e30f386a3eb8365aff7a0a51a072f212326f1461 /src/lj_crecord.c | |
| parent | 1c5113aea9b5b8c1477332b8b3aa3cf47372b596 (diff) | |
| download | luajit-cc96ab9d513582703f8663a8775a935b56db32b7.tar.gz luajit-cc96ab9d513582703f8663a8775a935b56db32b7.tar.bz2 luajit-cc96ab9d513582703f8663a8775a935b56db32b7.zip | |
FFI: Fix dangling reference to CType. Improve checks.
Reported by elmknot.
Diffstat (limited to 'src/lj_crecord.c')
| -rw-r--r-- | src/lj_crecord.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lj_crecord.c b/src/lj_crecord.c index 3f3552a6..2fcc6d1c 100644 --- a/src/lj_crecord.c +++ b/src/lj_crecord.c | |||
| @@ -1396,9 +1396,13 @@ void LJ_FASTCALL recff_cdata_arith(jit_State *J, RecordFFData *rd) | |||
| 1396 | if (ctype_isenum(ct->info)) ct = ctype_child(cts, ct); | 1396 | if (ctype_isenum(ct->info)) ct = ctype_child(cts, ct); |
| 1397 | goto ok; | 1397 | goto ok; |
| 1398 | } else if (ctype_isfunc(ct->info)) { | 1398 | } else if (ctype_isfunc(ct->info)) { |
| 1399 | CTypeID id0 = i ? ctype_typeid(cts, s[0]) : 0; | ||
| 1399 | tr = emitir(IRT(IR_FLOAD, IRT_PTR), tr, IRFL_CDATA_PTR); | 1400 | tr = emitir(IRT(IR_FLOAD, IRT_PTR), tr, IRFL_CDATA_PTR); |
| 1400 | ct = ctype_get(cts, | 1401 | ct = ctype_get(cts, |
| 1401 | lj_ctype_intern(cts, CTINFO(CT_PTR, CTALIGN_PTR|id), CTSIZE_PTR)); | 1402 | lj_ctype_intern(cts, CTINFO(CT_PTR, CTALIGN_PTR|id), CTSIZE_PTR)); |
| 1403 | if (i) { | ||
| 1404 | s[0] = ctype_get(cts, id0); /* cts->tab may have been reallocated. */ | ||
| 1405 | } | ||
| 1402 | goto ok; | 1406 | goto ok; |
| 1403 | } else { | 1407 | } else { |
| 1404 | tr = emitir(IRT(IR_ADD, IRT_PTR), tr, lj_ir_kintp(J, sizeof(GCcdata))); | 1408 | tr = emitir(IRT(IR_ADD, IRT_PTR), tr, lj_ir_kintp(J, sizeof(GCcdata))); |