ATRONIX: Fix: Restore Saved_State/Halt_State when a longjmp happens
Fixes: Oldes/Rebol-issues#2190

Illustrated by:
```
attempt [; this sets Saved_State
	catch/quit [ ;this calls Try_Block_Halt and sets Halt_State
		print x ; this causes an error, and calls
			;"longjmp(*Saved_State)", which invalidates
			; Halt_State above.
	]
]
load %./ ;Just tries to fill up the C stack and messes up "Halt_State".
halt ; Jumps to the invalid "Halt_State", and crashes
```
or
```
catch/quit [ ;sets Halt_State
    attempt [ ;sets Saved_State
        quit ; jumps to Halt_State, and invalidates "Saved_State"
    ]
]
print x ; Causes a jump to the invalid "Saved_State"
```
(cherry picked from commit 91b4fbd)
zsx authored and Oldes committed Apr 1, 2020
1 parent d2b8cd5 commit 4b11483
Showing 2 changed files with 12 additions and 1 deletion.
6 changes: 6 additions & 0 deletions src/core/c-do.c
@@ -1082,9 +1082,12 @@ x*/ static REBINT Do_Args_Light(REBVAL *func, REBVAL *path, REBSER *block, REBCN
{
REBOL_STATE state;
REBVAL *tos;
jmp_buf *Last_Halt_State = Halt_State;

PUSH_STATE(state, Saved_State);
if (SET_JUMP(state)) {
/* Halt_State might become invalid, restore the one above */
Halt_State = Last_Halt_State;
POP_STATE(state, Saved_State);
Catch_Error(DS_NEXT); // Stores error value here
return TRUE;
@@ -1662,6 +1665,7 @@ x*/ static REBINT Do_Args_Light(REBVAL *func, REBVAL *path, REBSER *block, REBCN
{
REBOL_STATE state;
REBVAL *val;
jmp_buf *Last_Saved_State = Saved_State;
// static D = 0;
// int depth = D++;

@@ -1670,6 +1674,8 @@ x*/ static REBINT Do_Args_Light(REBVAL *func, REBVAL *path, REBSER *block, REBCN
PUSH_STATE(state, Halt_State);
if (SET_JUMP(state)) {
// Debug_Fmt("Throw Halt %d", depth);
/* Saved_State might become invalid, restore the one above */
Saved_State = Last_Saved_State;
POP_STATE(state, Halt_State);
Catch_Error(DS_NEXT); // Stores error value here
return TRUE;
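Review bot: `Last_Halt_State` in the first hunk and `Last_Saved_State` in the second are automatic locals read after `SET_JUMP` returns through a long jump, which is well-defined only because neither is written again once the jump point is set (assuming `SET_JUMP` wraps `setjmp`, as the commit title suggests). Declaring them `jmp_buf *const Last_Halt_State = Halt_State;` and `jmp_buf *const Last_Saved_State = Saved_State;` would let the compiler enforce that, so a later edit cannot turn the restore into a read of an indeterminate pointer. The two restore comments would also help more if they said why the pointer dangles, for example `/* the jump skipped the inner POP_STATE, so Halt_State may point into a dead stack frame; restore the value seen on entry */`, which is how the commit description explains the crash. Both function bodies begin and end outside the hunks, so other exit paths, and any other `PUSH_STATE`/`SET_JUMP` sites that might need the same restore, cannot be checked from here.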
7 changes: 6 additions & 1 deletion src/tests/units/crash-test.r3
@@ -8,7 +8,7 @@ Rebol [

~~~start-file~~~ "Crash tests"

===start-group=== "Series crashes"
===start-group=== "Crashing issues"

--test-- "DH keys generation"
;@@ situation fixed in: https://github.com/zsx/r3/commit/cc625bebcb6038b9282876954f929c9d80048d2b
@@ -28,6 +28,11 @@ Rebol [
a: func [/b] [1]
--assert error? try [a/b/%] ;- no crash, just error!

--test-- "issue-2190"
;@@ https://github.com/Oldes/Rebol-issues/issues/2190
catch/quit [ attempt [ quit ] ]
--assert error? try [print x] ;- no crash, just error!

===end-group===

~~~end-file~~~
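Review bot: The new "issue-2190" test covers only the second scenario from the commit description (`quit` inside `attempt` inside `catch/quit`, then an error), so the `Halt_State` restore added to c-do.c has no regression test. The first scenario ends in `halt`, which presumably cannot run inside the unit runner. A variant that reaches the same restore through `quit` could work, something like `catch/quit [ attempt [ catch/quit [ print x ] ] quit ]`, but it needs confirming against the interpreter. Since a jump through a stale state is undefined behaviour and may not crash reliably, a comment such as `;- may only fail under a sanitizer or after stack reuse` would set expectations for anyone reading a green run.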
