Skip to content

Commit

Permalink
Fixed possible SEGV in Kernel#block_given?; ref #3593
Browse files Browse the repository at this point in the history
  • Loading branch information
matz committed Apr 6, 2017
1 parent 5e79bc9 commit e5b61d3
Showing 1 changed file with 23 additions and 29 deletions.
52 changes: 23 additions & 29 deletions src/kernel.c
Original file line number Diff line number Diff line change
Expand Up @@ -136,44 +136,38 @@ mrb_f_block_given_p_m(mrb_state *mrb, mrb_value self)
{
mrb_callinfo *ci = mrb->c->ci;
mrb_value *bp;
mrb_bool given_p;

bp = ci->stackent + 1;
ci--;
if (ci <= mrb->c->cibase) {
given_p = FALSE;
return mrb_false_value();
}
else {
/* block_given? called within block; check upper scope */
if (ci->proc->env) {
struct REnv *e = ci->proc->env;
mrb_value *sp;
/* block_given? called within block; check upper scope */
if (ci->proc->env) {
struct REnv *e = ci->proc->env;

while (e->c) {
e = (struct REnv*)e->c;
}
sp = e->stack;
if (sp) {
/* top-level does not have block slot (alway false) */
if (sp == mrb->c->stbase)
return mrb_false_value();
if (e->cioff < 0) {
/* use saved block arg position */
bp = &e->stack[-e->cioff];
}
else {
ci = mrb->c->cibase + e->cioff;
bp = ci[1].stackent + 1;
}
}
while (e->c) {
e = (struct REnv*)e->c;
}
if (ci->argc > 0) {
bp += ci->argc;
/* top-level does not have block slot (always false) */
if (e->stack == mrb->c->stbase)
return mrb_false_value();
if (e->stack && e->cioff < 0) {
/* use saved block arg position */
bp = &e->stack[-e->cioff];
ci = 0; /* no callinfo available */
}
else {
ci = mrb->c->cibase + e->cioff;
bp = ci[1].stackent + 1;
}
given_p = !mrb_nil_p(*bp);
}

return mrb_bool_value(given_p);
if (ci && ci->argc > 0) {
bp += ci->argc;
}
if (mrb_nil_p(*bp))
return mrb_false_value();
return mrb_true_value();
}

/* 15.3.1.3.7 */
Expand Down

0 comments on commit e5b61d3

Please sign in to comment.