From c32792b810bd8a523a0a461ecc41adc367a82e7d Mon Sep 17 00:00:00 2001
From: lemon
Date: Tue, 20 Jun 2023 19:04:48 +0200
Subject: fix out of bounds read
---
 amd64/isel.c | 1 +
 1 file changed, 1 insertion(+)
(limited to 'amd64')
diff --git a/amd64/isel.c b/amd64/isel.c
index 51b5ac1..3c0b9e7 100644
--- a/amd64/isel.c
+++ b/amd64/isel.c
@@ -119,6 +119,7 @@ selcall(struct function *fn, struct instr *ins, struct block *blk, int *curi)
 /* duplicate to reuse same TMP ref */
 insertinstr(blk, (*curi)++, *ins);
 *ins = mkinstr(Ocopy, cls, mkref(RREG, call->abiret[0].reg));
+ if (*curi + 1 < blk->ins.n)
 if (instrtab[blk->ins.p[*curi + 1]].op == Ocall2r) {
 ins = &instrtab[blk->ins.p[++*curi]];
 *ins = mkinstr(Ocopy, ins->cls, mkref(RREG, call->abiret[1].reg));
-- cgit v1.2.3
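Review bot: The added bounds check is a second, unbraced `if` stacked on the existing `if (instrtab[blk->ins.p[*curi + 1]].op == Ocall2r) {`, so the guard and the read of `blk->ins.p[*curi + 1]` it protects are tied together only by adjacency; a later `else` or an inserted statement would silently detach them. Folding both into one condition keeps the check on the same line as the index it validates: `if (*curi + 1 < blk->ins.n && instrtab[blk->ins.p[*curi + 1]].op == Ocall2r) {`. `*curi` is an `int`, while the type of `blk->ins.n` is not visible in this hunk; if it is unsigned, the comparison is done in unsigned arithmetic and holds only as long as `*curi` cannot be negative here. A short comment would record why the check exists, presumably something like `/* the call may be the last instruction in blk */`. The body of selcall starts and ends outside the hunk.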