prevent 0 length allocation in `js_worker_postMessage`

author: Charlie Gordon <github@chqrlie.org> 2024-03-03 14:42:01 +0100
committer: Charlie Gordon <github@chqrlie.org> 2024-03-03 14:42:01 +0100
commit: 1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d (patch)
tree: a35458350b75e579731f8611e4d596aae728f2ba /quickjs-libc.c
parent: e17cb9fc7aac2432bbefeec9a31e186329e511b0 (diff)
download: quickjs-1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d.tar.gz
quickjs-1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/quickjs-libc.c b/quickjs-libc.c
index 01c9db4..b00dc16 100644
--- a/quickjs-libc.c
+++ b/quickjs-libc.c
@@ -3527,10 +3527,12 @@ static JSValue js_worker_postMessage(JSContext *ctx, JSValueConst this_val,
     memcpy(msg->data, data, data_len);
     msg->data_len = data_len;
 
-    msg->sab_tab = malloc(sizeof(msg->sab_tab[0]) * sab_tab_len);
-    if (!msg->sab_tab)
-        goto fail;
-    memcpy(msg->sab_tab, sab_tab, sizeof(msg->sab_tab[0]) * sab_tab_len);
+    if (sab_tab_len > 0) {
+        msg->sab_tab = malloc(sizeof(msg->sab_tab[0]) * sab_tab_len);
+        if (!msg->sab_tab)
+            goto fail;
+        memcpy(msg->sab_tab, sab_tab, sizeof(msg->sab_tab[0]) * sab_tab_len);
+    }
     msg->sab_tab_len = sab_tab_len;
 
     js_free(ctx, data);
author	Charlie Gordon <github@chqrlie.org>	2024-03-03 14:42:01 +0100
committer	Charlie Gordon <github@chqrlie.org>	2024-03-03 14:42:01 +0100
commit	1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d (patch)
tree	a35458350b75e579731f8611e4d596aae728f2ba /quickjs-libc.c
parent	e17cb9fc7aac2432bbefeec9a31e186329e511b0 (diff)
download	quickjs-1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d.tar.gz quickjs-1a5333bcb322d289eb8d48ccdd5f4dd724bf5c5d.zip