Fix potential atom leak in JS_ReadFunctionTag (#380)

Charlie Gordon 2024-04-15 14:03:24 +02:00 committed by GitHub
parent 8dcdb92047
commit 7597fc7fb0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -33883,7 +33883,7 @@ static JSValue JS_ReadFunctionTag(BCReaderState *s)
if (bc_get_u8(s, &v8)) if (bc_get_u8(s, &v8))
goto fail; goto fail;
bc.js_mode = v8; bc.js_mode = v8;
if (bc_get_atom(s, &bc.func_name)) //@ atom leak if failure if (bc_get_atom(s, &bc.func_name))
goto fail; goto fail;
if (bc_get_leb128_u16(s, &bc.arg_count)) if (bc_get_leb128_u16(s, &bc.arg_count))
goto fail; goto fail;
@ -33914,9 +33914,10 @@ static JSValue JS_ReadFunctionTag(BCReaderState *s)
b = js_mallocz(ctx, function_size); b = js_mallocz(ctx, function_size);
if (!b) if (!b)
return JS_EXCEPTION; goto fail;
memcpy(b, &bc, sizeof(*b)); memcpy(b, &bc, sizeof(*b));
bc.func_name = JS_ATOM_NULL;
b->header.ref_count = 1; b->header.ref_count = 1;
if (local_count != 0) { if (local_count != 0) {
b->vardefs = (void *)((uint8_t*)b + vardefs_offset); b->vardefs = (void *)((uint8_t*)b + vardefs_offset);
@ -34059,6 +34060,7 @@ static JSValue JS_ReadFunctionTag(BCReaderState *s)
b->realm = JS_DupContext(ctx); b->realm = JS_DupContext(ctx);
return obj; return obj;
fail: fail:
JS_FreeAtom(ctx, bc.func_name);
JS_FreeValue(ctx, obj); JS_FreeValue(ctx, obj);
return JS_EXCEPTION; return JS_EXCEPTION;
} }
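Review bot: The `JS_FreeAtom(ctx, bc.func_name);` added under `fail:` is also reached by the `goto fail` paths that run before `bc_get_atom()` has filled the field (first hunk), so it is only correct if `bc` is initialised with `func_name == JS_ATOM_NULL` at the top of JS_ReadFunctionTag. That initialisation lies outside the visible hunks and should be confirmed, since this reader parses serialized bytecode and every early-failure path now ends in a free. The new `bc.func_name = JS_ATOM_NULL;` after the `memcpy` carries the other half of the invariant and deserves a comment, for example `/* func_name is now owned by b; clear the local copy so fail: does not release it a second time */`. Without that line, a later failure would presumably release the atom once through `b` and again through `bc`, depending on how `b` is torn down in code not shown here.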