From fa9fa87d737d3d1c463d4f2545e75ddae312b5b2 Mon Sep 17 00:00:00 2001
From: Nick Fitzgerald <fitzgen@gmail.com>
Date: Fri, 26 Jan 2024 09:40:43 -0800
Subject: [PATCH] wast: Fix pointer provenance bug reported by MIRI

We need to re-derive the str pointer after moving the original `Box<str>` it was
derived from.
---
 crates/wast/src/parser.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/crates/wast/src/parser.rs b/crates/wast/src/parser.rs
index 0c85923f83..fa82a38736 100644
--- a/crates/wast/src/parser.rs
+++ b/crates/wast/src/parser.rs
@@ -396,9 +396,9 @@ impl ParseBuffer<'_> {
     /// This will return a reference to `s`, but one that's safely rooted in the
     /// `Parser`.
     fn push_str(&self, s: Vec<u8>) -> &[u8] {
-        let s = Box::from(s);
-        let ret = &*s as *const [u8];
-        self.strings.borrow_mut().push(s);
+        let mut strings = self.strings.borrow_mut();
+        strings.push(Box::from(s));
+        let ret = &**strings.last().unwrap() as *const [u8];
         // This should be safe in that the address of `ret` isn't changing as
         // it's on the heap itself. Additionally the lifetime of this return
         // value is tied to the lifetime of `self` (nothing is deallocated