Limit size of iseq buffer; fix #3927

ec63b1a0 · Yukihiro "Matz" Matsumoto · ca837b1a · ec63b1a0
Commit ec63b1a0 authored Jan 16, 2018 by Yukihiro "Matz" Matsumoto
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 1 deletion

mrbgems/mruby-compiler/core/codegen.c mrbgems/mruby-compiler/core/codegen.c +7 -1

No files found.
--- a/mrbgems/mruby-compiler/core/codegen.c
+++ b/mrbgems/mruby-compiler/core/codegen.c
@@ -149,8 +149,14 @@ new_label(codegen_scope *s)
 static inline int
 genop(codegen_scope *s, mrb_code i)
 {
-  if (s->pc == s->icapa) {
+  if (s->pc >= s->icapa) {
    s->icapa *= 2;
+    if (s->pc >= MAXARG_sBx) {
+      codegen_error(s, "too big code block");
+    }
+    if (s->icapa > MAXARG_sBx) {
+      s->icapa = MAXARG_sBx;
+    }
    s->iseq = (mrb_code *)codegen_realloc(s, s->iseq, sizeof(mrb_code)*s->icapa);
    if (s->lines) {
      s->lines = (uint16_t*)codegen_realloc(s, s->lines, sizeof(short)*s->icapa);