From d3a5589379055a9fd10a3fabf6a64f92d95d2f72 Mon Sep 17 00:00:00 2001
From: Dmitry Volyntsev
Date: Tue, 9 Jan 2024 09:14:42 -0800
Subject: [PATCH] Avoiding arithmetic ops with NULL in %TypedArray%.prototype.sort().

Found by UndefinedBehaviorSanitizer.
---
 src/njs_typed_array.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/njs_typed_array.c b/src/njs_typed_array.c
index 7b0abc63..c483ff52 100644
--- a/src/njs_typed_array.c
+++ b/src/njs_typed_array.c
@@ -2035,6 +2035,11 @@ njs_typed_array_prototype_sort(njs_vm_t *vm, njs_value_t *args,
     }
 
     njs_qsort(base, length, element_size, cmp, &ctx);
+
+    if (njs_slow_path(ctx.exception)) {
+        return NJS_ERROR;
+    }
+
     if (ctx.function != NULL) {
         if (&buffer->u.u8[array->offset * element_size] == orig) {
             memcpy(orig, base, length * element_size);
@@ -2043,10 +2048,6 @@ njs_typed_array_prototype_sort(njs_vm_t *vm, njs_value_t *args,
         njs_mp_free(vm->mem_pool, base);
     }
 
-    if (njs_slow_path(ctx.exception)) {
-        return NJS_ERROR;
-    }
-
     njs_set_typed_array(retval, array);
 
     return NJS_OK;
-- 
2.47.3
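Review bot: The early `return NJS_ERROR` added right after `njs_qsort()` in the first hunk now runs before the `njs_mp_free(vm->mem_pool, base)` that the `ctx.function != NULL` branch performs, so when a user comparator raises, the sort copy held in `base` is no longer released and stays in the pool until the VM is torn down. Moving the check ahead of the `&buffer->u.u8[...]` pointer computation is the right way to avoid the NULL arithmetic, but the copy should still be freed on that path, e.g. inside the new block: `if (ctx.function != NULL) { njs_mp_free(vm->mem_pool, base); }` before `return NJS_ERROR;`. The free is unconditional in the comparator branch, so `base` is presumably always a pool allocation there; worth confirming against the allocation, which sits earlier in njs_typed_array_prototype_sort, outside both hunks. Since an exception-throwing comparator is script-controlled, the leak is reachable from untrusted input, so a test that sorts with a throwing comparator in a loop under a leak checker would pin the fix.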