Manabu Nishiyama (non-FlightGear Nasal user) discovered an

uninitialized data bug in naHash_cget().  When the hashcode field of
naStr was introduced, I forgot to set it in this function, which
creates a temporary naStr on the stack.

diff --git a/simgear/nasal/hash.c b/simgear/nasal/hash.c
index 55946535fe921fbbfcfea8f630a54df1309bf031..188254236f51f34f12876f8a32ab3863b45a4e25 100644 (file)
--- a/simgear/nasal/hash.c
+++ b/simgear/nasal/hash.c
@@ -49,7 +49,7 @@ static unsigned int hashcolumn(struct HashRec* h, naRef key)
     return (HASH_MAGIC * hashcode(key)) >> (32 - h->lgalloced);
 }
 
-static struct HashRec* hashrealloc(struct naHash* hash)
+static struct HashRec* resize(struct naHash* hash)
 {
     struct HashRec *h, *h0 = hash->rec;
     int lga, cols, need = h0 ? h0->size - h0->dels : MIN_HASH_SIZE;
@@ -119,6 +119,7 @@ static void tmpStr(naRef* out, struct naStr* str, char* key)
 {
     str->len = 0;
     str->data = (unsigned char*)key;
+    str->hashcode = 0;
     while(key[str->len]) str->len++;
     *out = naNil();
     out->ref.ptr.str = str;
@@ -171,7 +172,7 @@ void naHash_newsym(struct naHash* hash, naRef* sym, naRef* val)
     int col;
     struct HashRec* h = hash->rec;
     while(!h || h->size >= 1<<h->lgalloced)
-        h = hashrealloc(hash);
+        h = resize(hash);
     col = (HASH_MAGIC * sym->ref.ptr.str->hashcode) >> (32 - h->lgalloced);
     INSERT(h, *sym, *val, col);
 }
@@ -198,7 +199,7 @@ void naHash_set(naRef hash, naRef key, naRef val)
     if((n = find(hash.ref.ptr.hash, key))) { n->val = val; return; }
     h = hash.ref.ptr.hash->rec;
     while(!h || h->size >= 1<<h->lgalloced)
-        h = hashrealloc(hash.ref.ptr.hash);
+        h = resize(hash.ref.ptr.hash);
     col = hashcolumn(h, key);
     INSERT(h, key, val, hashcolumn(h, key));
     chkcycle(h->table[col], h->size - h->dels);