From d8753f47bb29d6bd5ca8d311b80fadca719982be Mon Sep 17 00:00:00 2001
From: Oliver Kiddle <okiddle@yahoo.co.uk>
Date: Sat, 7 Apr 2018 18:48:00 +0200
Subject: 42601: tidy up code for set -A/+A to not increment a NULL pointer and
 to be more efficient

---
 ChangeLog     |  3 +++
 Src/builtin.c | 10 ++++------
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 2cc699b67..0ced3c876 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2018-04-07  Oliver Kiddle  <okiddle@yahoo.co.uk>
 
+	* 42601: Src/builtin.c: tidy up code for set -A/+A to not
+	increment a NULL pointer and to be more efficient
+
 	* 42607, CVE-2018-1100: Src/utils.c: check bounds on buffer
 	in mail checking
 
diff --git a/Src/builtin.c b/Src/builtin.c
index fb59738f3..73cfe7ad1 100644
--- a/Src/builtin.c
+++ b/Src/builtin.c
@@ -695,13 +695,11 @@ bin_set(char *nam, char **args, UNUSED(Options ops), UNUSED(int func))
 	char **a = NULL, **y;
 	int len = arrlen(args);
 
-	if (array < 0 && (a = getaparam(arrayname))) {
-	    int al = arrlen(a);
-
-	    if (al > len)
-		len = al;
+	if (array < 0 && (a = getaparam(arrayname)) && arrlen_gt(a, len)) {
+	    a += len;
+	    len += arrlen(a);
 	}
-	for (x = y = zalloc((len + 1) * sizeof(char *)); len--; a++) {
+	for (x = y = zalloc((len + 1) * sizeof(char *)); len--;) {
 	    if (!*args)
 		args = a;
 	    *y++ = ztrdup(*args++);
-- 
cgit 1.4.1