Separate jump destination check in `OP_R_RETURN`.
In the past code, the current `callinfo (ci)` was modified, thus it was possible to pop `ci` beyond the `cibase`, that could cause out of memory bound access for the code like the following: ```ruby def m2 lambda { Proc.new { return :return # return from the method } }.call.call :never_reached end p m2 ```
Showing
Please register or sign in to comment