From 188dc2e5a3cb2de69ec14715ba288ab1e30da6eb Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 2 Jun 2020 18:40:10 -0700
Subject: [PATCH] Fix bug in recent byte-code checking hoist

Problem reported by Daniel Colascione (Bug#41680).
* src/lread.c (read1): Check that AREF (tmp, COMPILED_BYTECODE)
is a string before subjecting it to STRING_MULTIBYTE.
Be more consistent about using AREF in the neighborhood,
to help prevent this sort of problem from recurring.
---
 src/lread.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/src/lread.c b/src/lread.c
index 29deddaf15f..8064bf4d0eb 100644
--- a/src/lread.c
+++ b/src/lread.c
@@ -2966,17 +2966,18 @@ read1 (Lisp_Object readcharfun, int *pch, bool first_in_list)
 	  struct Lisp_Vector *vec;
 	  tmp = read_vector (readcharfun, 1);
 	  vec = XVECTOR (tmp);
-	  if (! (COMPILED_STACK_DEPTH < vec->header.size
-		 && (FIXNUMP (vec->contents[COMPILED_ARGLIST])
-		     || CONSP (vec->contents[COMPILED_ARGLIST])
-		     || NILP (vec->contents[COMPILED_ARGLIST]))
-		 && ((STRINGP (vec->contents[COMPILED_BYTECODE])
-		      && VECTORP (vec->contents[COMPILED_CONSTANTS]))
-		     || CONSP (vec->contents[COMPILED_BYTECODE]))
-		 && FIXNATP (vec->contents[COMPILED_STACK_DEPTH])))
+	  if (! (COMPILED_STACK_DEPTH < ASIZE (tmp)
+		 && (FIXNUMP (AREF (tmp, COMPILED_ARGLIST))
+		     || CONSP (AREF (tmp, COMPILED_ARGLIST))
+		     || NILP (AREF (tmp, COMPILED_ARGLIST)))
+		 && ((STRINGP (AREF (tmp, COMPILED_BYTECODE))
+		      && VECTORP (AREF (tmp, COMPILED_CONSTANTS)))
+		     || CONSP (AREF (tmp, COMPILED_BYTECODE)))
+		 && FIXNATP (AREF (tmp, COMPILED_STACK_DEPTH))))
 	    invalid_syntax ("Invalid byte-code object");
 
-	  if (STRING_MULTIBYTE (AREF (tmp, COMPILED_BYTECODE)))
+	  if (STRINGP (AREF (tmp, COMPILED_BYTECODE))
+	      && STRING_MULTIBYTE (AREF (tmp, COMPILED_BYTECODE)))
 	    {
 	      /* BYTESTR must have been produced by Emacs 20.2 or earlier
 		 because it produced a raw 8-bit string for byte-code and
@@ -2987,7 +2988,7 @@ read1 (Lisp_Object readcharfun, int *pch, bool first_in_list)
 		    Fstring_as_unibyte (AREF (tmp, COMPILED_BYTECODE)));
 	    }
 
-	  if (COMPILED_DOC_STRING < vec->header.size
+	  if (COMPILED_DOC_STRING < ASIZE (tmp)
 	      && EQ (AREF (tmp, COMPILED_DOC_STRING), make_fixnum (0)))
 	    {
 	      /* read_list found a docstring like '(#$ . 5521)' and treated it
-- 
2.39.5