DoS: Infinite loop in parser when ruby script contains an unclosed heredoc named with empty string #5676
Comments
I found this bug when fuzzing artichoke with https://github.com/artichoke/artichoke/runs/5675904707?check_suite_focus=true
printing the bytes that trigger the infinite loop:
Here's a couple of stack traces I pulled from LLDB:
This also reproduces on 3.1.0-rc. Here's a stack I pulled during the infinite loop:
Thank you! We forgot to check empty here-doc delimiters.
Thanks @matz. Would you be willing to backport this fix to the pending 3.1 release?
Ah, I will ask the release manager.
Reproduction
MRI
mruby