From ccb86277651e309308dfef787ca81c5e4d58f7bf Mon Sep 17 00:00:00 2001
From: David Chisnall
Date: Fri, 23 Mar 2018 10:20:19 +0000
Subject: [PATCH] Don't leak extended type encodings in slot access.
---
 sendmsg2.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sendmsg2.c b/sendmsg2.c
index 0181e42..060f64d 100644
--- a/sendmsg2.c
+++ b/sendmsg2.c
@@ -423,7 +423,8 @@ struct objc_slot_v1 *objc_get_slot(Class cls, SEL selector)
 return NULL;
 }
 uncacheable_slot_v1.owner = result->owner;
- uncacheable_slot_v1.types = result->method_metadata->types;
+ // Don't leak extended type encodings!
+ uncacheable_slot_v1.types = sel_getType_np(result->method_metadata->selector);
 uncacheable_slot_v1.selector = selector;
 uncacheable_slot_v1.method = result->method;
 return &uncacheable_slot_v1;
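Review bot: The value returned by `sel_getType_np(result->method_metadata->selector)` is stored in `uncacheable_slot_v1.types` without a check. If that lookup can return NULL (for instance for a selector that carries no type information, which this hunk does not show), callers of the v1 slot would receive a NULL `types` where the old line handed them the method's own encoding string. It is worth confirming that a method's selector is always typed on this path, or making the fallback explicit. The new comment would also be more useful if it said what is being protected, for example `// v1 slot consumers expect the legacy encoding; take types from the selector, since method_metadata->types may hold the extended form`. The body of objc_get_slot starts and ends outside the hunk, so how `uncacheable_slot_v1` is declared and shared cannot be judged from here.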