From e385fd11019bb1a53c7bbeff4d8b9a5972537c08 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakob=20L=C3=B6w?=
Date: Fri, 30 Aug 2019 11:39:39 +0200
Subject: [PATCH] fix possible SIGSEGV on conversion

when converting byte and short values to larger values the conversion becomes a simple copy opcode. The copy opcode however isn't included in the conversion instrinsics array, causing an out of bounds read.
---
 jit/jit-insn.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/jit/jit-insn.c b/jit/jit-insn.c
index 81698e8..1c3ba7a 100644
--- a/jit/jit-insn.c
+++ b/jit/jit-insn.c
@@ -4236,7 +4236,8 @@ apply_conversion(jit_function_t func, int oper, jit_value_t value, jit_type_t result_type)
 {
 /* Set the "may_throw" flag if the conversion may throw an exception */
-if(convert_intrinsics[oper - 1].descr.ptr_result_type)
+if(oper < sizeof(convert_intrinsics) / sizeof(jit_convert_intrinsic_t)
+   && convert_intrinsics[oper - 1].descr.ptr_result_type)
 {
 func->builder->may_throw = 1;
 }
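Review bot: The added bound check does not line up with the index it guards: the table is read at `convert_intrinsics[oper - 1]`, so `oper < count` leaves the last table entry unreachable while `oper == 0` still passes and reads index -1, and since `oper` is a signed `int` compared against a `size_t`, a negative value converts to a large unsigned and passes as well. If the table is indexed by `oper` starting at 1, the guard should read `if(oper >= 1 && (size_t)oper <= sizeof(convert_intrinsics) / sizeof(convert_intrinsics[0]) && convert_intrinsics[oper - 1].descr.ptr_result_type)`, which also derives the count from the array's own element type rather than a separately named typedef. A one-line comment stating how `oper` maps onto the table index would let the next reader verify the guard, and the copy opcode named in the description is safer handled by an explicit case than by relying on it falling outside the bound. apply_conversion continues past the hunk, and the hunk's trailing context line appears to be cut off in this copy.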