Am 25.06.25 um 13:39 schrieb Andre Vehreschild:
Hi all,
attached patch fixes an out of bounds access in the clean up code of a
concatenating array constructor. A fragment like
list = [ list, something() ]
lead to clean up using an offset (of the list array) that was manipulated in
the loop copying the existing array elements and at the end pointing to one
element past the list (after the concatenation).
This fixes a 15-regression. Releases prior to 15 do not have the out
of bounds access in the (non existing) clean up code. The have a memory
leak instead.
Regtested ok on x86_64-pc-linux-gnu / F41. Ok for mainline?
This looks good to me.
Given the severity of the bug, do you plan to backport to 15-branch?
Thanks for the patch!
Harald
The subject says, that there will be 3 patches. Only this one fixes the bug.
The other fixes I found while hunting this issue and because they play in the
general same area, I don't want to loose them. I therefore publish them in this
context.
Regards,
Andre
