From 552b75c3572b11e37581c2c5ac359319af6941f5 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Tue, 25 Jul 2023 21:57:28 -0700
Subject: hash: out of bound array access in hash-iter-peek.

* hash.c (hash_iter_peek): The loop here must be a top-of-test
while loop, not a bottom-test do loop. In the chained hashing
implementation, this was a do loop, but it also had a test
with a break for the index.
---
 hash.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hash.c b/hash.c
index b24740ec..2c915540 100644
--- a/hash.c
+++ b/hash.c
@@ -1341,11 +1341,11 @@ val hash_iter_peek(struct hash_iter *hi)
   if (!h)
     return nil;
 
-  do {
+  while (index <= mask) {
     val cell = hi->table->v.vec[index++];
     if (cell)
       return cell;
-  } while (index <= mask);
+  }
 
   return nil;
 }
-- 
cgit v1.2.3