LibJS: Don't mark blocks for unification multiple times

This would cause a UAF otherwise
author: Hendiadyoin1 <leon.a@serenityos.org> 2022-11-02 14:28:47 +0100
committer: Ali Mohammad Pur <Ali.mpfard@gmail.com> 2022-12-03 17:07:30 +0330
commit: 7697e096604693c3e8ec4af272673e4aca12fe1e (patch)
tree: 4d6eb01156dd7c7a2c6da530e78f457c7f83f876 /Userland/Libraries/LibJS
parent: 35db0c5e18ddb5057dc13be632c78bddc4aecfb2 (diff)
download: serenity-7697e096604693c3e8ec4af272673e4aca12fe1e.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/Userland/Libraries/LibJS/Bytecode/Pass/UnifySameBlocks.cpp b/Userland/Libraries/LibJS/Bytecode/Pass/UnifySameBlocks.cpp
index 184c3fe86c..9fcbd00466 100644
--- a/Userland/Libraries/LibJS/Bytecode/Pass/UnifySameBlocks.cpp
+++ b/Userland/Libraries/LibJS/Bytecode/Pass/UnifySameBlocks.cpp
@@ -24,6 +24,8 @@ void UnifySameBlocks::perform(PassPipelineExecutable& executable)
         auto& block = executable.executable.basic_blocks[i];
         auto block_bytes = block.instruction_stream();
         for (auto& candidate_block : executable.executable.basic_blocks.span().slice(i + 1)) {
+            if (equal_blocks.contains(&*candidate_block))
+                continue;
             // FIXME: This can probably be relaxed a bit...
             if (candidate_block->size() != block.size())
                 continue;
author	Hendiadyoin1 <leon.a@serenityos.org>	2022-11-02 14:28:47 +0100
committer	Ali Mohammad Pur <Ali.mpfard@gmail.com>	2022-12-03 17:07:30 +0330
commit	7697e096604693c3e8ec4af272673e4aca12fe1e (patch)
tree	4d6eb01156dd7c7a2c6da530e78f457c7f83f876 /Userland/Libraries/LibJS
parent	35db0c5e18ddb5057dc13be632c78bddc4aecfb2 (diff)
download	serenity-7697e096604693c3e8ec4af272673e4aca12fe1e.zip