ref: 69b312d13bcff1743b5954c191292863fd1ec42c
parent: 16049bbbdc7b5a3c4c2eafc9c07ede1c2f0aa85f
author: Tor Andersson <tor.andersson@artifex.com>
date: Fri Sep 6 08:14:22 EDT 2019
Fix coverity issue: memory corruption due to overlapping copy.
--- a/jsvalue.c
+++ b/jsvalue.c
@@ -592,12 +592,12 @@
if (x->type == JS_TBOOLEAN) {x->type = JS_TNUMBER;
- x->u.number = x->u.boolean;
+ x->u.number = x->u.boolean ? 1 : 0;
goto retry;
}
if (y->type == JS_TBOOLEAN) {y->type = JS_TNUMBER;
- y->u.number = y->u.boolean;
+ y->u.number = y->u.boolean ? 1 : 0;
goto retry;
}
if ((JSV_ISSTRING(x) || x->type == JS_TNUMBER) && y->type == JS_TOBJECT) {