Skip to content

M
mruby
Commit e9b1d9dc authored by Yukihiro "Matz" Matsumoto's avatar Yukihiro "Matz" Matsumoto
Browse files
Options

Array size may be changed in `mrb_get_args()` reentry. 

fix #4116; fix #4117; fix #4118; fix #4119; fix #4120
parent 0ff1540e
Show whitespace changes
Inline Side-by-side
Showing with 17 additions and 10 deletions
mrbgems/mruby-array-ext/src/array.c
View file @ e9b1d9dc
...@@ -175,7 +175,7 @@ static mrb_value ...@@ -175,7 +175,7 @@ static mrb_value
mrb_ary_slice_bang(mrb_state *mrb, mrb_value self) mrb_ary_slice_bang(mrb_state *mrb, mrb_value self)
{ {
struct RArray *a = mrb_ary_ptr(self); struct RArray *a = mrb_ary_ptr(self);
mrb_int i, j, k, len, alen = ARY_LEN(a); mrb_int i, j, k, len, alen;
mrb_value val; mrb_value val;
mrb_value *ptr; mrb_value *ptr;
mrb_value ary; mrb_value ary;
...@@ -188,7 +188,7 @@ mrb_ary_slice_bang(mrb_state *mrb, mrb_value self) ...@@ -188,7 +188,7 @@ mrb_ary_slice_bang(mrb_state *mrb, mrb_value self)
mrb_get_args(mrb, "o|i", &index, &len); mrb_get_args(mrb, "o|i", &index, &len);
switch (mrb_type(index)) { switch (mrb_type(index)) {
case MRB_TT_RANGE: case MRB_TT_RANGE:
if (mrb_range_beg_len(mrb, index, &i, &len, alen, TRUE) == 1) { if (mrb_range_beg_len(mrb, index, &i, &len, ARY_LEN(a), TRUE) == 1) {
goto delete_pos_len; goto delete_pos_len;
} }
else { else {
...@@ -205,6 +205,7 @@ mrb_ary_slice_bang(mrb_state *mrb, mrb_value self) ...@@ -205,6 +205,7 @@ mrb_ary_slice_bang(mrb_state *mrb, mrb_value self)
mrb_get_args(mrb, "ii", &i, &len); mrb_get_args(mrb, "ii", &i, &len);
delete_pos_len: delete_pos_len:
alen = ARY_LEN(a);
if (i < 0) i += alen; if (i < 0) i += alen;
if (i < 0 || alen < i) return mrb_nil_value(); if (i < 0 || alen < i) return mrb_nil_value();
if (len < 0) return mrb_nil_value(); if (len < 0) return mrb_nil_value();
......
src/array.c
View file @ e9b1d9dc
...@@ -853,14 +853,14 @@ static mrb_value ...@@ -853,14 +853,14 @@ static mrb_value
mrb_ary_aget(mrb_state *mrb, mrb_value self) mrb_ary_aget(mrb_state *mrb, mrb_value self)
{ {
struct RArray *a = mrb_ary_ptr(self); struct RArray *a = mrb_ary_ptr(self);
mrb_int i, len, alen = ARY_LEN(a); mrb_int i, len, alen;
mrb_value index; mrb_value index;
if (mrb_get_args(mrb, "o|i", &index, &len) == 1) { if (mrb_get_args(mrb, "o|i", &index, &len) == 1) {
switch (mrb_type(index)) { switch (mrb_type(index)) {
/* a[n..m] */ /* a[n..m] */
case MRB_TT_RANGE: case MRB_TT_RANGE:
if (mrb_range_beg_len(mrb, index, &i, &len, alen, TRUE) == 1) { if (mrb_range_beg_len(mrb, index, &i, &len, ARY_LEN(a), TRUE) == 1) {
return ary_subseq(mrb, a, i, len); return ary_subseq(mrb, a, i, len);
} }
else { else {
...@@ -874,6 +874,7 @@ mrb_ary_aget(mrb_state *mrb, mrb_value self) ...@@ -874,6 +874,7 @@ mrb_ary_aget(mrb_state *mrb, mrb_value self)
} }
i = aget_index(mrb, index); i = aget_index(mrb, index);
alen = ARY_LEN(a);
if (i < 0) i += alen; if (i < 0) i += alen;
if (i < 0 || alen < i) return mrb_nil_value(); if (i < 0 || alen < i) return mrb_nil_value();
if (len < 0) return mrb_nil_value(); if (len < 0) return mrb_nil_value();
...@@ -953,9 +954,10 @@ mrb_ary_delete_at(mrb_state *mrb, mrb_value self) ...@@ -953,9 +954,10 @@ mrb_ary_delete_at(mrb_state *mrb, mrb_value self)
mrb_int index; mrb_int index;
mrb_value val; mrb_value val;
mrb_value *ptr; mrb_value *ptr;
mrb_int len, alen = ARY_LEN(a); mrb_int len, alen;
mrb_get_args(mrb, "i", &index); mrb_get_args(mrb, "i", &index);
alen = ARY_LEN(a);
if (index < 0) index += alen; if (index < 0) index += alen;
if (index < 0 || alen <= index) return mrb_nil_value(); if (index < 0 || alen <= index) return mrb_nil_value();
...@@ -980,16 +982,17 @@ static mrb_value ...@@ -980,16 +982,17 @@ static mrb_value
mrb_ary_first(mrb_state *mrb, mrb_value self) mrb_ary_first(mrb_state *mrb, mrb_value self)
{ {
struct RArray *a = mrb_ary_ptr(self); struct RArray *a = mrb_ary_ptr(self);
mrb_int size, alen = ARY_LEN(a); mrb_int size, alen;
if (mrb_get_argc(mrb) == 0) { if (mrb_get_argc(mrb) == 0) {
return (alen > 0)? ARY_PTR(a)[0]: mrb_nil_value(); return (ARY_LEN(a) > 0)? ARY_PTR(a)[0]: mrb_nil_value();
} }
mrb_get_args(mrb, "|i", &size); mrb_get_args(mrb, "|i", &size);
if (size < 0) { if (size < 0) {
mrb_raise(mrb, E_ARGUMENT_ERROR, "negative array size"); mrb_raise(mrb, E_ARGUMENT_ERROR, "negative array size");
} }
alen = ARY_LEN(a);
if (size > alen) size = alen; if (size > alen) size = alen;
if (ARY_SHARED_P(a)) { if (ARY_SHARED_P(a)) {
return ary_subseq(mrb, a, 0, size); return ary_subseq(mrb, a, 0, size);
...@@ -1001,10 +1004,13 @@ static mrb_value ...@@ -1001,10 +1004,13 @@ static mrb_value
mrb_ary_last(mrb_state *mrb, mrb_value self) mrb_ary_last(mrb_state *mrb, mrb_value self)
{ {
struct RArray *a = mrb_ary_ptr(self); struct RArray *a = mrb_ary_ptr(self);
mrb_int size, alen = ARY_LEN(a); mrb_int n, size, alen;
if (mrb_get_args(mrb, "|i", &size) == 0) n = mrb_get_args(mrb, "|i", &size);
return (alen > 0)? ARY_PTR(a)[alen - 1]: mrb_nil_value(); alen = ARY_LEN(a);
if (n == 0) {
return (alen > 0) ? ARY_PTR(a)[alen - 1]: mrb_nil_value();
}
if (size < 0) { if (size < 0) {
mrb_raise(mrb, E_ARGUMENT_ERROR, "negative array size"); mrb_raise(mrb, E_ARGUMENT_ERROR, "negative array size");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment