From 8cdb14885a66722d4dfefb065091703131a0f6f7 Mon Sep 17 00:00:00 2001
From: Dmitry Rodionov <d.rodionov@picodata.io>
Date: Fri, 7 Jun 2024 15:36:47 +0300
Subject: [PATCH] chore: fix deref of null warning

The return value of the function 'lj_tab_getinth' is dereferenced at
lj_ccallback.c:540 without a NULL check, although it is checked at most
other call sites of this function (14/15).
---
 .../svace_patches/luajit_lj_ccallback.patch   | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 certification_patches/svace_patches/luajit_lj_ccallback.patch

diff --git a/certification_patches/svace_patches/luajit_lj_ccallback.patch b/certification_patches/svace_patches/luajit_lj_ccallback.patch
new file mode 100644
index 0000000000..1ddfb8beca
--- /dev/null
+++ b/certification_patches/svace_patches/luajit_lj_ccallback.patch
@@ -0,0 +1,26 @@
+diff --git a/src/lj_ccallback.c b/src/lj_ccallback.c
+index 3738c234..630e9452 100644
+--- a/src/lj_ccallback.c
++++ b/src/lj_ccallback.c
+@@ -3,6 +3,7 @@
+ ** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
+ */
+ 
++#include "stdio.h"
+ #include "lj_obj.h"
+ 
+ #if LJ_HASFFI
+@@ -537,7 +538,12 @@ static void callback_conv_args(CTState *cts, lua_State *L)
+   if (slot < cts->cb.sizeid && (id = cts->cb.cbid[slot]) != 0) {
+     ct = ctype_get(cts, id);
+     rid = ctype_cid(ct->info);  /* Return type. x86: +(spadj<<16). */
+-    fn = funcV(lj_tab_getint(cts->miscmap, (int32_t)slot));
++    cTValue *tv = lj_tab_getint(cts->miscmap, (int32_t)slot);
++    if (LJ_UNLIKELY(tv == NULL)) { // assert
++      fprintf(stderr, "tv == NULL in %s:%d", __FILE__, __LINE__);
++      abort();
++    }
++    fn = funcV(tv);
+     fntp = LJ_TFUNC;
+   } else {  /* Must set up frame first, before throwing the error. */
+     ct = NULL;
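Review bot: The added guard calls `abort()`, but the only header the inner patch adds is `#include "stdio.h"`, written with quotes for a standard header and not covering `<stdlib.h>`; the declaration probably arrives transitively through `lj_obj.h`, but that is not visible here. Make the dependencies explicit with `#include <stdio.h>` and `#include <stdlib.h>` so the guard does not rely on transitive includes. The diagnostic string `"tv == NULL in %s:%d"` has no trailing newline, leaving the stderr line unterminated before the abort; `fprintf(stderr, "tv == NULL in %s:%d\n", __FILE__, __LINE__);` fixes that. The `// assert` comment also departs from the `/* ... */` comment style the surrounding lines use. callback_conv_args starts and ends outside this hunk.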
-- 
GitLab