From 633d1a10a7509e052571ea3db6f44157e6620326 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Mon, 20 Feb 2017 07:10:13 -0800
Subject: Fix lack of robustness in struct module.

The symbolp test is too weak before calling lookup_slot,
because nil satisfies it, but lookup_slot dereferences
the symbol pointer to access its slot cache.

One of many test cases: parsing #S(time nil nil) segfaults.

* struct.c (slot, maybe_slot, slotset, uslot_fun, umethod_fun,
umethod_args_fun): Check that sym isn't nil before looking it
up as a slot.
---
 struct.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/struct.c b/struct.c
index 9805f5f8..5a0e4734 100644
--- a/struct.c
+++ b/struct.c
@@ -859,7 +859,7 @@ val slot(val strct, val sym)
   const val self = lit("slot");
   struct struct_inst *si = struct_handle(strct, self);
 
-  if (symbolp(sym)) {
+  if (sym && symbolp(sym)) {
     loc ptr = lookup_slot_load(strct, si, sym);
     if (!nullocp(ptr))
       return deref(ptr);
@@ -873,7 +873,7 @@ val maybe_slot(val strct, val sym)
   const val self = lit("slot");
   struct struct_inst *si = struct_handle(strct, self);
 
-  if (symbolp(sym)) {
+  if (sym && symbolp(sym)) {
     loc ptr = lookup_slot_load(strct, si, sym);
     if (!nullocp(ptr))
       return deref(ptr);
@@ -887,7 +887,7 @@ val slotset(val strct, val sym, val newval)
   const val self = lit("slotset");
   struct struct_inst *si = struct_handle(strct, self);
 
-  if (symbolp(sym)) {
+  if (sym && symbolp(sym)) {
     loc ptr = lookup_slot(strct, si, sym);
     if (!nullocp(ptr)) {
       if (!si->dirty) {
@@ -1213,7 +1213,7 @@ static val uslot_fun(val sym, val strct)
   val self = lit("uslot");
   struct struct_inst *si = struct_handle(strct, self);
 
-  if (symbolp(sym)) {
+  if (sym && symbolp(sym)) {
     loc ptr = lookup_slot(strct, si, sym);
     if (!nullocp(ptr))
       return deref(ptr);
@@ -1239,7 +1239,7 @@ static val umethod_fun(val sym, struct args *args)
 
     struct struct_inst *si = struct_handle(strct, self);
 
-    if (symbolp(sym)) {
+    if (sym && symbolp(sym)) {
       loc ptr = lookup_slot(strct, si, sym);
       if (!nullocp(ptr))
         return generic_funcall(deref(ptr), args);
@@ -1269,7 +1269,7 @@ static val umethod_args_fun(val env, struct args *args)
 
     struct struct_inst *si = struct_handle(strct, self);
 
-    if (symbolp(sym)) {
+    if (sym && symbolp(sym)) {
       loc ptr = lookup_slot(strct, si, sym);
       if (!nullocp(ptr))
         return generic_funcall(deref(ptr), args_call);
-- 
cgit v1.2.3