Fixed uninitialized-memory-access in Object.defineProperties().

This closes #158 issue on Github.

diff --git a/njs/njs_object.c b/njs/njs_object.c
index f648d5074f137202b076b4adb41985fbc5dbdc02..33e29104d15eb691a5bb51f3336233dbfd5cc81d 100644 (file)
--- a/njs/njs_object.c
+++ b/njs/njs_object.c
@@ -1705,7 +1705,7 @@ njs_object_define_property(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs,
         return NXT_ERROR;
     }
 
-    value = &args[1];
+    value = njs_argument(args, 1);
 
     if (!value->data.u.object->extensible) {
         njs_type_error(vm, "object is not extensible");
@@ -1743,15 +1743,14 @@ njs_object_define_properties(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs,
     njs_object_prop_t  *prop;
     const njs_value_t  *descriptor;
 
-    value = &args[1];
-
-    if (!njs_is_object(value)) {
+    if (!njs_is_object(njs_arg(args, nargs, 1))) {
         njs_type_error(vm, "cannot convert %s argument to object",
-                       njs_type_string(value->type));
-
+                       njs_type_string(njs_arg(args, nargs, 1)->type));
         return NXT_ERROR;
     }
 
+    value = njs_argument(args, 1);
+
     if (!value->data.u.object->extensible) {
         njs_type_error(vm, "object is not extensible");
         return NXT_ERROR;

diff --git a/njs/test/njs_unit_test.c b/njs/test/njs_unit_test.c
index 02bc3c1660d956e9dbff2b39e0f84bde785eeb38..4f02b13e14dcc863c1df8cd98d0175afda9d98e9 100644 (file)
--- a/njs/test/njs_unit_test.c
+++ b/njs/test/njs_unit_test.c
@@ -9162,6 +9162,9 @@ static njs_unit_test_t  njs_test[] =
     { nxt_string("var o = Object.defineProperties({a:1}, {}); o.a"),
       nxt_string("1") },
 
+    { nxt_string("Object.defineProperties()"),
+      nxt_string("TypeError: cannot convert undefined argument to object") },
+
     { nxt_string("Object.defineProperties(1, {})"),
       nxt_string("TypeError: cannot convert number argument to object") },