Skip to content

Commit

Permalink
Array.filter crash fix
Browse files Browse the repository at this point in the history 
FossilOrigin-Name: 83722b3e053c641ea975bc66e1e5b60d0ff1c0ea482572712af64ce7b07e02b9
  • Loading branch information
pmacdona committed Oct 20, 2020
1 parent 9f58ec1 commit d36c885
Showing 1 changed file with 9 additions and 3 deletions.
12 changes: 9 additions & 3 deletions src/jsiArray.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -414,6 +414,7 @@ static Jsi_RC jsi_ArrayFilterCmd(Jsi_Interp *interp, Jsi_Value *args, Jsi_Value
nobj = Jsi_ObjNewType(interp, JSI_OT_ARRAY);
nsiz = obj->arrCnt;
if (nsiz<=0) nsiz = 1;
Jsi_IncrRefCount(interp, _this);
if (Jsi_ObjArraySizer(interp, nobj, nsiz) <= 0) {
rc = Jsi_LogError("index too large: %d", nsiz);
goto bail;
Expand All @@ -436,18 +437,23 @@ static Jsi_RC jsi_ArrayFilterCmd(Jsi_Interp *interp, Jsi_Value *args, Jsi_Value
rc = Jsi_FunctionInvoke(interp, func, vpargs, &nrPtr, sthis);
Jsi_DecrRefCount(interp, vpargs);
fval = Jsi_ValueIsTrue(interp, nrPtr);
Jsi_ValueMakeUndef(interp, &nrPtr);
if( JSI_OK!=rc ) {
goto bail;
}
if (fval) {
nobj->arr[n++] = obj->arr[i];
Jsi_IncrRefCount(interp, obj->arr[i]);
if (Jsi_ValueIsArray(interp, _this) && _this->d.obj == obj && i<(int)obj->arrCnt && obj->arr[i]) {
nobj->arr[n] = obj->arr[i];
Jsi_IncrRefCount(interp, nobj->arr[n]);
} else
nobj->arr[n] = Jsi_ValueDup(interp, nrPtr);
n++;
}
Jsi_ValueMakeUndef(interp, &nrPtr);
}
Jsi_ObjSetLength(interp, nobj, n);

bail:
Jsi_DecrRefCount(interp, _this);
if (nthis)
Jsi_DecrRefCount(interp, nthis);
if (nrPtr)
Expand Down

0 comments on commit d36c885

Please sign in to comment.