From c21c6cb4170159250aa778ec888db7f919dfb0e9 Mon Sep 17 00:00:00 2001
From: Mike Pall
Date: Sat, 15 Jan 2022 18:32:34 +0100
Subject: [PATCH] FFI: Ensure library is loaded before de-serializing FFI types.
Reported by ImagicTheCat.
---
 doc/ext_buffer.html | 4 ++++
 src/lj_serialize.c | 1 +
 2 files changed, 5 insertions(+)
diff --git a/doc/ext_buffer.html b/doc/ext_buffer.html
index 63c2efe3..309b496b 100644
--- a/doc/ext_buffer.html
+++ b/doc/ext_buffer.html
@@ -448,6 +448,10 @@ encoded data. The stand-alone function throws when there's left-over data after decoding a single top-level object. The buffer method leaves any left-over data in the buffer.

+

+Attempting to de-serialize an FFI type will throw an error, if the FFI
+library is not built-in or has not been loaded, yet.
+

Serialization Options

diff --git a/src/lj_serialize.c b/src/lj_serialize.c
index d6551b11..d00bf7fa 100644
--- a/src/lj_serialize.c
+++ b/src/lj_serialize.c
@@ -417,6 +417,7 @@ static char *serialize_get(char *r, SBufExt *sbx, TValue *o)
 uint32_t sz = tp == SER_TAG_COMPLEX ? 16 : 8;
 GCcdata *cd;
 if (LJ_UNLIKELY(r + sz > w)) goto eob;
+ if (LJ_UNLIKELY(!ctype_ctsG(G(sbufL(sbx))))) goto badtag;
 cd = lj_cdata_new_(sbufL(sbx), tp == SER_TAG_INT64 ? CTID_INT64 : tp == SER_TAG_UINT64 ? CTID_UINT64 : CTID_COMPLEX_DOUBLE,