From d43d2cbdb11a62fce48fb2d7e38ae6fd5aef65e6 Mon Sep 17 00:00:00 2001 From: Krasimir Angelov Date: Tue, 3 Sep 2024 16:41:22 +0200 Subject: [PATCH] fix potential crashes --- src/runtime/c/pgf/expr.cxx | 6 ++++-- src/runtime/c/pgf/pgf.cxx | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/runtime/c/pgf/expr.cxx b/src/runtime/c/pgf/expr.cxx index 0e8496ae0..2827b3bf6 100644 --- a/src/runtime/c/pgf/expr.cxx +++ b/src/runtime/c/pgf/expr.cxx @@ -202,7 +202,8 @@ PgfType PgfDBUnmarshaller::dtyp(size_t n_hypos, PgfTypeHypo *hypos, ref ty = PgfDB::malloc(cat->size+1); memcpy(&ty->name, cat, sizeof(PgfText)+cat->size+1); - ty->hypos = vector::alloc(n_hypos); + vector new_hypos = vector::alloc(n_hypos); + ty->hypos = new_hypos; for (size_t i = 0; i < n_hypos; i++) { ref hypo = ty->hypos.elem(i); hypo->bind_type = hypos[i].bind_type; @@ -210,7 +211,8 @@ PgfType PgfDBUnmarshaller::dtyp(size_t n_hypos, PgfTypeHypo *hypos, PgfType type = m->match_type(this, hypos[i].type); hypo->type = type; } - ty->exprs = vector::alloc(n_exprs); + vector new_exprs = vector::alloc(n_exprs); + ty->exprs = new_exprs; for (size_t i = 0; i < n_exprs; i++) { PgfExpr expr = m->match_expr(this, exprs[i]); ty->exprs[i] = expr; diff --git a/src/runtime/c/pgf/pgf.cxx b/src/runtime/c/pgf/pgf.cxx index 9bf83771a..e97ffe525 100644 --- a/src/runtime/c/pgf/pgf.cxx +++ b/src/runtime/c/pgf/pgf.cxx @@ -1572,7 +1572,8 @@ void pgf_create_category(PgfDB *db, PgfRevision revision, ref pgf = db->revision2pgf(revision); ref abscat = PgfDB::malloc(name->size+1); - abscat->context = vector::alloc(n_hypos); + vector new_context = vector::alloc(n_hypos); + abscat->context = new_context; abscat->prob = prob; memcpy(&abscat->name, name, sizeof(PgfText)+name->size+1);