From 9bb817c2beac1baf40a9d022db350fc83a453da2 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku
Date: Thu, 18 May 2017 20:11:55 -0700
Subject: ffi: carray-free resets length.

* ffi.c (carray_free): Don't just reset the pointer to null, but also set the number of elements to zero. That will prevent indexing operations from dereferencing null.
---
 ffi.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ffi.c b/ffi.c
index 693c700f..e5f70b3e 100644
--- a/ffi.c
+++ b/ffi.c
@@ -2379,6 +2379,7 @@ val carray_free(val carray)
 if (carray->co.ops == &carray_owned_ops) {
 free(scry->data);
 scry->data = 0;
+ scry->nelem = 0;
 } else {
 uw_throwf(error_s, lit("~a: cannot free unowned carray ~s"),
 self, carray, nao);
-- 
cgit v1.2.3
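Review bot: The reason for the added `scry->nelem = 0;` lives only in the commit message, so a reader of ffi.c later sees two field resets with no hint that the second one is what keeps bounds-checked indexing from ever reaching the null `data` pointer; a comment on the new line such as `/* length 0 so indexing sees an empty array, never the null data pointer */` would keep that invariant next to the code. With both fields zeroed, a repeated carray_free on the same owned carray passes the ownership check and reaches `free(NULL)`, which is a harmless no-op; if a second free is meant to be an error rather than silently accepted, that would need an explicit check, and if it is intentional it deserves a word in the same comment. As a point of style, the new line follows the existing `scry->data = 0;` in using `0` for a null pointer where `NULL` would read more clearly, though matching the surrounding code is defensible. carray_free begins before this hunk and its body continues past it, so how `scry` is derived from `carray` and what follows the throw are not visible here.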