From f772488945648a41a6d35237bdb9682be7dd3876 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Thu, 18 May 2017 20:48:15 -0700
Subject: ffi: bugfix: obj could be nil in buf ops.

* ffi.c (ffi_buf_in): Only get the original pointer if obj
isn't nil; otherwise use a null pointer.
(ffi_buf_d_in): Don't refer to length_buf(obj); obj could
be nil. And anyway, we know the buffer size from the type.
---
 ffi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ffi.c b/ffi.c
index 75a37ab8..1249b81e 100644
--- a/ffi.c
+++ b/ffi.c
@@ -703,7 +703,7 @@ static val ffi_buf_in(struct txr_ffi_type *tft, int copy, mem_t *src,
                       val obj, val self)
 {
   mem_t **loc = coerce(mem_t **, src);
-  mem_t *origptr = buf_get(obj, self);
+  mem_t *origptr = if3(obj, buf_get(obj, self), 0);
 
   if (copy && *loc != origptr)
     obj = if2(*loc, make_duplicate_buf(length_buf(obj), *loc));
@@ -734,7 +734,7 @@ static val ffi_buf_d_in(struct txr_ffi_type *tft, int copy, mem_t *src,
   mem_t **loc = coerce(mem_t **, src);
 
   if (copy) {
-    obj = if2(*loc, make_borrowed_buf(length_buf(obj), *loc));
+    obj = if2(*loc, make_borrowed_buf(num(tft->nelem), *loc));
     *loc = 0;
   }
 
-- 
cgit v1.2.3