From b0c54c8a86659111ff2e5098a234d590c922cb99 Mon Sep 17 00:00:00 2001
From: YAMAMOTO Takashi
Date: Sat, 17 Feb 2024 11:11:10 +0900
Subject: [PATCH] Fix a ubsan complaint "applying zero offset to null pointer" (#3160)

Set a type's `result_ref_type_maps` only when `ref_type_map_count > 0`.
---
 core/iwasm/interpreter/wasm_loader.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
index 3e08baa3..11c6f70a 100644
--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -1568,8 +1568,10 @@ resolve_func_type(const uint8 **p_buf, const uint8 *buf_end, WASMModule *module,
 type->param_count = param_count;
 type->result_count = result_count;
 type->ref_type_map_count = ref_type_map_count;
- type->result_ref_type_maps =
- type->ref_type_maps + ref_type_map_count - result_ref_type_map_count;
+ if (ref_type_map_count > 0) {
+ type->result_ref_type_maps = type->ref_type_maps + ref_type_map_count
+ - result_ref_type_map_count;
+ }
 for (i = 0; i < param_count; i++) {
 if (!resolve_value_type(&p, p_end, module, &need_ref_type_map,
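Review bot: When `ref_type_map_count` is 0 the new guard leaves `type->result_ref_type_maps` unassigned in this hunk, so its value now depends on how `type` was allocated and initialized earlier in resolve_func_type, which is outside the hunk; an explicit `} else { type->result_ref_type_maps = NULL; }` would make the "no ref type maps" state independent of the allocator and give readers of the field a definite value to test. A short comment above the guard would also help, e.g. `/* avoid pointer arithmetic on a NULL ref_type_maps (ubsan: zero offset to null) */`, since the condition is on the count rather than on the pointer and the link between the two is not visible here. The guard presumably relies on `ref_type_maps` being non-NULL whenever the count is positive, and on `result_ref_type_map_count <= ref_type_map_count`; if either invariant is not established before this point, the subtraction can still form an out-of-range pointer. The enclosing function starts and ends outside the hunk.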