details: https://hg.nginx.org/njs/rev/50c587f74a09 branches: changeset: 2263:50c587f74a09 user: Dmitry Volyntsev <xei...@nginx.com> date: Tue Jan 09 09:14:42 2024 -0800 description: Avoiding arithmetic ops with NULL in %TypedArray%.prototype.sort().
Found by UndefinedBehaviorSanitizer. diffstat: src/njs_typed_array.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diffs (26 lines):
diff -r f4cb0dc3e8ea -r 50c587f74a09 src/njs_typed_array.c
--- a/src/njs_typed_array.c Mon Jan 08 22:21:14 2024 -0800
+++ b/src/njs_typed_array.c Tue Jan 09 09:14:42 2024 -0800
@@ -2035,6 +2035,11 @@ njs_typed_array_prototype_sort(njs_vm_t
 }

 njs_qsort(base, length, element_size, cmp, &ctx);
+
+ if (njs_slow_path(ctx.exception)) {
+ return NJS_ERROR;
+ }
+
 if (ctx.function != NULL) {
 if (&buffer->u.u8[array->offset * element_size] == orig) {
 memcpy(orig, base, length * element_size);
@@ -2043,10 +2048,6 @@ njs_typed_array_prototype_sort(njs_vm_t
 njs_mp_free(vm->mem_pool, base);
 }

- if (njs_slow_path(ctx.exception)) {
- return NJS_ERROR;
- }
-
 njs_set_typed_array(retval, array);

 return NJS_OK;
_______________________________________________ nginx-devel mailing list nginx-devel@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx-devel
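Review bot: The early `return NJS_ERROR;` added right after `njs_qsort()` in the first hunk sits above the `ctx.function != NULL` block, so `njs_mp_free(vm->mem_pool, base)` is no longer reached when the comparator raised an exception. The allocation of `base` is outside the hunk, but the free in that block suggests it is a pool-allocated copy whenever a comparator is supplied. If so, each throwing comparator call keeps that copy alive until the pool is destroyed, which script code can trigger repeatedly in a long-lived VM. Releasing it on the error path keeps the undefined-behaviour fix without the leak: put `if (ctx.function != NULL) { njs_mp_free(vm->mem_pool, base); }` before `return NJS_ERROR;`. A short comment there, such as `/* the buffer may be detached after an exception; do not touch buffer->u.u8 */`, would also record why the check has to precede the pointer comparison.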