kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

memo.c might not always be initialized

Browse source 
memo.float_value might change inside of hash_sum.  In case it
flipped from false to true there, and the calculated sum is Inf,
memo.c might not be initialized at all.  This is bad.

Found using memory sanitizer:

==55293==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55dfb8d6c529 in rb_float_new_inline internal.h:1814:53
    #1 0x55dfb8d1b30c in enum_sum enum.c:4017:18
    #2 0x55dfb86d75ad in call_cfunc_m1 vm_insnhelper.c:2041:12
    #3 0x55dfb864b141 in vm_call_cfunc_with_frame vm_insnhelper.c:2207:11
    #4 0x55dfb85e843d in vm_call_cfunc vm_insnhelper.c:2225:12
    #5 0x55dfb85e08f3 in vm_call_method_each_type vm_insnhelper.c:2560:9
    #6 0x55dfb85de9c7 in vm_call_method vm_insnhelper.c:2686:13
    #7 0x55dfb849eac6 in vm_call_general vm_insnhelper.c:2730:12
    #8 0x55dfb8686103 in vm_sendish vm_insnhelper.c:3623:11
    #9 0x55dfb84dc29e in vm_exec_core insns.def:789:11
This commit is contained in:
Urabe, Shyouhei 2019-04-24 16:15:46 +09:00
parent f02760fc0a
commit 40b5f2b85d
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
enum.c
View file

@ -3997,6 +3997,10 @@ enum_sum(int argc, VALUE* argv, VALUE obj)
memo.f = RFLOAT_VALUE(memo.v); memo.f = RFLOAT_VALUE(memo.v);
memo.c = 0.0; memo.c = 0.0;
} }
else {
memo.f = 0.0;
memo.c = 0.0;
}
if (RTEST(rb_range_values(obj, &beg, &end, &excl))) { if (RTEST(rb_range_values(obj, &beg, &end, &excl))) {
if (!memo.block_given && !memo.float_value && if (!memo.block_given && !memo.float_value &&