--- xnu/xnu-12377.101.15/libkern/c++/OSSerializeBinary.cpp
+++ xnu/xnu-8019.41.5/libkern/c++/OSSerializeBinary.cpp
@@ -129,7 +129,7 @@
 			headerSize += sizeof(uint32_t);
 		}
 		offset /= sizeof(uint32_t);
-		indexData->appendValue(offset);
+		indexData->appendBytes(&offset, sizeof(offset));
 	}
 
 	if (os_add3_overflow(size, headerSize, 3, &alignSize)) {
@@ -218,7 +218,7 @@
 	OSBoolean    * boo;
 
 	unsigned int  tagIdx;
-	uint32_t   i, key, startCollection = 0;
+	uint32_t   i, key, startCollection;
 	uint32_t   len;
 	bool       ok;
 
@@ -328,15 +328,25 @@
 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
 
 #define setAtIndex(v, idx, o)                                                  \
-	ok = idx < v##Capacity;                                                \
-	if (!ok && v##Capacity < v##CapacityMax) {                             \
+	if (idx >= v##Capacity)                                                \
+	{                                                                      \
+	if (v##Capacity >= v##CapacityMax) ok = false;                         \
+	else                                                                   \
+	{                                                                      \
 	    uint32_t ncap = v##Capacity + 64;                                  \
-	    typeof(v##Array) nbuf = kreallocp_type_container(OSObject *,       \
-	        v##Array, v##Capacity, &ncap, Z_WAITOK_ZERO);                  \
-	    if (nbuf) {                                                        \
-	        ok = true;                                                     \
+	    typeof(v##Array) nbuf = kalloc_type_tag_bt(OSObject *, ncap,       \
+	            Z_WAITOK_ZERO, VM_KERN_MEMORY_LIBKERN);                    \
+	    if (!nbuf) ok = false;                                             \
+	    else                                                               \
+	    {                                                                  \
+	        if (v##Array)                                                  \
+	        {                                                              \
+	            bcopy(v##Array, nbuf, v##Capacity * sizeof(o));            \
+	            kfree_type(OSObject *, v##Capacity, v##Array);             \
+	        }                                                              \
 	        v##Array    = nbuf;                                            \
 	        v##Capacity = ncap;                                            \
+	    }                                                                  \
 	    }                                                                  \
 	}                                                                      \
 	if (ok) v##Array[idx] = o
@@ -372,10 +382,7 @@
 	const uint32_t * next;
 	uint32_t         key, len, wordLen, length;
 	bool             end, newCollect, isRef;
-	union {
-		unsigned long long value;
-		double fpValue;
-	} value;
+	unsigned long long value;
 	bool ok, indexed, hasLength;
 
 	indexed = false;
@@ -458,23 +465,13 @@
 			if (bufferPos > bufferSize) {
 				break;
 			}
-			value.value = next[1];
-			value.value <<= 32;
-			value.value |= next[0];
-			switch (len) {
-			case 63:
-				o = OSNumber::withDouble(value.fpValue);
-				break;
-			case 31:
-				o = OSNumber::withFloat((float) value.fpValue);
-				break;
-			case 64:
-			case 32:
-			case 16:
-			case 8:
-				o = OSNumber::withNumber(value.value, len);
-				break;
-			}
+			if ((len != 32) && (len != 64) && (len != 16) && (len != 8)) {
+				break;
+			}
+			value = next[1];
+			value <<= 32;
+			value |= next[0];
+			o = OSNumber::withNumber(value, len);
 			next += 2;
 			break;