From 1e7074913e1d2a1be72b62ba807325c14b0b317a Mon Sep 17 00:00:00 2001
From: Jesper Storm Bache <jsbache@users.noreply.github.com>
Date: Wed, 24 Nov 2021 16:50:52 -0800
Subject: [PATCH] macos: fix the cfdata length in uv__get_cpu_speed (#3356)

We observed crashes inside CFRelease in uv__get_cpu_speed on the new
Mac Book Pro (arm) hardware. The problem is that the stack got
clobbered. On the new mac hardware the returned length is 8.

For the 4 byte case, a temp variable is used to avoid having to add
endian-sensitive offsets.

Fixes: https://github.com/libuv/libuv/issues/3355
---
 src/unix/darwin.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/unix/darwin.c b/src/unix/darwin.c
index a7be0dd2..62f04d31 100644
--- a/src/unix/darwin.c
+++ b/src/unix/darwin.c
@@ -280,14 +280,18 @@ static int uv__get_cpu_speed(uint64_t* speed) {
                                                     NULL,
                                                     0);
         if (freq_ref) {
-          uint32_t freq;
+          const UInt8* freq_ref_ptr = pCFDataGetBytePtr(freq_ref);
           CFIndex len = pCFDataGetLength(freq_ref);
-          CFRange range;
-          range.location = 0;
-          range.length = len;
+          if (len == 8)
+            memcpy(speed, freq_ref_ptr, 8);
+          else if (len == 4) {
+            uint32_t v;
+            memcpy(&v, freq_ref_ptr, 4);
+            *speed = v;
+          } else {
+            *speed = 0;
+          }
 
-          pCFDataGetBytes(freq_ref, range, (UInt8*)&freq);
-          *speed = freq;
           pCFRelease(freq_ref);
           pCFRelease(data);
           break;