From 419e50adf7887429f4eebc792f2984d9d89b0faf Mon Sep 17 00:00:00 2001 From: Kaz Kylheku Date: Thu, 13 Jan 2022 07:33:14 -0800 Subject: carray-replace: two overrun bugs. * ffi.c (carray_replace): In the case when we replace a larger range by a smaller one, when the upper part of the aray shifts down, we are not correctly clearing to zeros the vacated part of the array. The variable whole is a displacement from the base of the array, not from ptr. Secondly, the copying loop must go rom fr to below sn, not below vn; sn is derived from vn but truncated not to go past the array. * tests/017/carray.tl: New file. Several cases here fail before this fix. --- ffi.c | 4 ++-- tests/017/carray.tl | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 tests/017/carray.tl diff --git a/ffi.c b/ffi.c index 6428bf91..8388b5cf 100644 --- a/ffi.c +++ b/ffi.c @@ -5877,11 +5877,11 @@ val carray_replace(val carray, val values, val from, val to) } else if (newrange < oldrange) { cnum delta = oldrange - newrange; memmove(ptr + newrange, ptr + oldrange, tail); - memset(ptr + whole - delta, 0, delta); + memset(scry->data + whole - delta, 0, delta); } } - for (; fn < vn; fn++, ptr += elsize) { + for (; fn < sn; fn++, ptr += elsize) { val item = seq_geti(&item_iter); eltft->put(eltft, item, ptr, self); } diff --git a/tests/017/carray.tl b/tests/017/carray.tl new file mode 100644 index 00000000..1d450d1a --- /dev/null +++ b/tests/017/carray.tl 
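Review bot: In carray_replace in ffi.c, the corrected `memset(scry->data + whole - delta, 0, delta);` and the corrected loop bound `fn < sn` both depend on conventions that the code in this hunk never states. Per the commit message, `whole` is a displacement from the array base rather than from `ptr`, and `sn` is `vn` truncated to the array end; mixing these up is what caused the two out-of-bounds writes fixed here. I would add a comment at each site so the invariant survives later edits: `/* whole is measured from scry->data (array base), not from ptr */` above the memset, and `/* stop at sn (vn clamped to the array end), never vn */` above the loop. The function starts and ends outside the hunk, so confirm that `delta` can never exceed `whole` on this path, since the memset start address depends on it.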
@@ -0,0 +1,16 @@
+(load "../common")
+
+(let* ((bf (make-buf 16))
+ (ca (carray-buf bf (ffi uchar))))
+ (mtest
+ (buf-put-buf bf (make-buf 8 255) 8) #b'ffffffffffffffff'
+ bf #b'0000000000000000 ffffffffffffffff'
+ (carray-set-length ca 8) nil
+ (set [ca -1..10] #(1 2 3)) #(1 2 3)
+ bf #b'0000000000000001 ffffffffffffffff'
+ (set [ca 2..7] #(1 2 3)) #(1 2 3)
+ bf #b'0000010203010000 ffffffffffffffff'
+ (set [ca 3..4] #(10 11 12)) #(10 11 12)
+ bf #b'0000010A0B0C0301 ffffffffffffffff'
+ (set [ca 3..3] #(9)) #(9)
+ bf #b'000001090A0B0C03 ffffffffffffffff'))
-- cgit v1.2.3
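Review bot: Every case in this new test uses `(ffi uchar)`, so the element size is always 1 and any mistake in scaling between element indices and byte offsets in carray_replace would go unnoticed. The 0xff guard region in the upper half of the 16-byte buffer is a good overrun detector for the shrink, grow, insert and clamped-range cases. I would repeat the same sequence with a multi-byte element type over a proportionally larger buffer, keeping the guard bytes after the carray's logical end. A short comment at the top, such as `;; upper 8 bytes of bf are a guard: they must stay ff after every replace`, would also make the purpose of the second half of each expected literal clear.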