author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-11-07 11:59:16 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-11-07 11:59:16 +0000 |
commit | 52ebc24487f3d1553c436c3ab9fbf8784379961d (patch) | |
tree | 4936719f503dc48619c5ae4d2d0132028c89cf1e | |
parent | ddc4143af021817d7b37ee6979c2af3e07f7871f (diff) | |
* vm_insnhelper.c (vm_push_frame): get rid of out-of-bounds
access.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25682 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | eval.c | 1 | ||||
-rw-r--r-- | vm.c | 2 | ||||
-rw-r--r-- | vm_insnhelper.c | 4 |
4 files changed, 10 insertions, 2 deletions
@@ -1,3 +1,8 @@ +Sat Nov 7 20:59:11 2009 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * vm_insnhelper.c (vm_push_frame): get rid of out-of-bounds + access. + Sat Nov 7 12:41:19 2009 Yukihiro Matsumoto <matz@ruby-lang.org> * vm_insnhelper.c (VM_CALLEE_SETUP_ARG): revert r25521. @@ -15,6 +15,7 @@ #include "iseq.h" #include "gc.h" #include "ruby/vm.h" +#include "ruby/encoding.h" #define numberof(array) (int)(sizeof(array) / sizeof((array)[0])) @@ -92,7 +92,7 @@ vm_set_top_stack(rb_thread_t * th, VALUE iseqval) th->top_self, 0, iseq->iseq_encoded, th->cfp->sp, 0, iseq->local_size); - CHECK_STACK_OVERFLOW(th->cfp, iseq->stack_max); + CHECK_STACK_OVERFLOW(th->cfp, iseq->stack_max); } static void diff --git a/vm_insnhelper.c b/vm_insnhelper.c index 6d4887024b..0660c7dd03 100644 --- a/vm_insnhelper.c +++ b/vm_insnhelper.c @@ -29,7 +29,9 @@ vm_push_frame(rb_thread_t * th, const rb_iseq_t * iseq, rb_control_frame_t * const cfp = th->cfp - 1; int i; - CHECK_STACK_OVERFLOW(th->cfp, local_size); + if ((void *)(sp + local_size) >= (void *)cfp) { + rb_exc_raise(sysstack_error); + } th->cfp = cfp; /* setup vm value stack */ |
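Review bot: The new guard in the vm_insnhelper.c hunk (vm_push_frame) forms `sp + local_size` before comparing it with `cfp`, so a local_size larger than the room left between the two pointers computes a pointer past the allocation, which is undefined in C and may wrap for a large value. Comparing the remaining distance avoids that, e.g. `if (local_size >= (VALUE *)cfp - sp) {`, assuming sp is a `VALUE *` and both pointers lie in the same thread stack, which the existing comparison already relies on. The guard covers only the locals, so room for the operand stack presumably still depends on callers checking `stack_max`, as the vm_set_top_stack hunk does; the body of vm_push_frame starts and ends outside the hunk, so I cannot confirm that from here. Because the check is now open-coded rather than using CHECK_STACK_OVERFLOW, a one-line comment saying that it deliberately uses the `sp` argument instead of reading through `th->cfp` would keep a later cleanup from restoring the macro; that read is presumably the out-of-bounds access the commit message refers to.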