Issue #332: fix a long-standing bug in array_list_put_idx() where it would attempt to free previously free'd entries due to not checking the current array length.

Add a test that triggers the problem to ensure it stays fixed.
2026-03-26 16:39:06 +08:00 · 2017-07-08 19:04:35 -07:00
parent 7fd74fc7a3
commit fd9b3b2260
2 changed files with 15 additions and 1 deletions
--- a/arraylist.c
+++ b/arraylist.c
@@ -96,7 +96,8 @@ array_list_put_idx(struct array_list *arr, size_t idx, void *data)
 {
  if (idx > SIZE_T_MAX - 1 ) return -1;
  if(array_list_expand_internal(arr, idx+1)) return -1;
-  if(arr->array[idx]) arr->free_fn(arr->array[idx]);
+  if(idx < arr->length && arr->array[idx])
+    arr->free_fn(arr->array[idx]);
  arr->array[idx] = data;
  if(arr->length <= idx) arr->length = idx + 1;
  return 0;