Closed
Description
We also found another null dereference involving the Proc class. The stack trace is similar to the closed issue #6039, but it was all triggered while handling the allocated instance of Proc.
Proof of Concept
$ mruby <poc_file>
Stack Trace
We've attached the first stack trace for reference. All three PoCs exhibit similar stack traces.
AddressSanitizer:DEADLYSIGNAL
=================================================================
==58177==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x55dbafbfdc0a bp 0x7ffdb6eaef90 sp x7ffdb6e9e6a0 T0)
==58177==The signal is caused by a READ memory access.
==58177==Hint: address points to the zero page.
#0 0x55dbafbfdc0a in mrb_vm_exec (/workspaces/mruby/build/host/bin/mruby+0x2e9c0a) (BuildId: 0b14b328fcdcdd86f4424105c228365cba6366d)
#1 0x55dbafbe911f in mrb_vm_run (/workspaces/mruby/build/host/bin/mruby+0x2d511f) (BuildId: 0b14b328fcdcdd86f4424105c228365cba6366d)
#2 0x55dbafbe33ee in mrb_top_run (/workspaces/mruby/build/host/bin/mruby+0x2cf3ee) (BuildId: 0b14b328fcdcdd86f4424105c228365cba6366d)
#3 0x55dbafc92b0e in mrb_load_exec (/workspaces/mruby/build/host/bin/mruby+0x37eb0e) (BuildId: 0b14b328fcdcdd86f4424105c228365cba6366d)
#4 0x55dbafc93ba7 in mrb_load_detect_file_cxt (/workspaces/mruby/build/host/bin/mruby+0x37fba7) (BuildId: 0b14b328fcdcdd86f4424105c228365cba6366d)
#5 0x55dbafae9e06 in main (/workspaces/mruby/build/host/bin/mruby+0x1d5e06) (BuildId: d0b14b328fcdcdd86f4424105c228365cba6366d)
Environment
Ubuntu 20.04
Intel(R) Xeon(R) Gold 5218 CPU @ 2.30GHz
Memory: 64 GB
Affected Version
v3.2.0 (commit f041d3a, latest as of 2023-09-16)
v3.2.0 (commit 5956496)