Fixed possible SEGV in `Kernel#block_given?`; ref #3593

e5b61d34 · Yukihiro "Matz" Matsumoto · 5e79bc93 · e5b61d34
Commit e5b61d34 authored Apr 06, 2017 by Yukihiro "Matz" Matsumoto
Show whitespace changes
Inline Side-by-side

Showing with 23 additions and 29 deletions

src/kernel.c src/kernel.c +23 -29

No files found.
--- a/src/kernel.c
+++ b/src/kernel.c
@@ -136,44 +136,38 @@ mrb_f_block_given_p_m(mrb_state *mrb, mrb_value self)
 {
  mrb_callinfo *ci = mrb->c->ci;
  mrb_value *bp;
-  mrb_bool given_p;
  bp = ci->stackent + 1;
  ci--;
  if (ci <= mrb->c->cibase) {
-    given_p = FALSE;
+    return mrb_false_value();
  }
-  else {
  /* block_given? called within block; check upper scope */
  if (ci->proc->env) {
    struct REnv *e = ci->proc->env;
-      mrb_value *sp;
    while (e->c) {
      e = (struct REnv*)e->c;
    }
-      sp = e->stack;
+    /* top-level does not have block slot (always false) */
-      if (sp) {
+    if (e->stack == mrb->c->stbase)
-        /* top-level does not have block slot (alway false) */
-        if (sp == mrb->c->stbase)
      return mrb_false_value();
-        if (e->cioff < 0) {
+    if (e->stack && e->cioff < 0) {
      /* use saved block arg position */
      bp = &e->stack[-e->cioff];
+      ci = 0;                 /* no callinfo available */
    }
    else {
      ci = mrb->c->cibase + e->cioff;
      bp = ci[1].stackent + 1;
    }
  }
-    }
+  if (ci && ci->argc > 0) {
-    if (ci->argc > 0) {
    bp += ci->argc;
  }
-    given_p = !mrb_nil_p(*bp);
+  if (mrb_nil_p(*bp))
-  }
+    return mrb_false_value();
+  return mrb_true_value();
-  return mrb_bool_value(given_p);
 }
 /* 15.3.1.3.7  */