From 49af9012a20a824542cf588e55e5488895553e09 Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Thu, 23 Sep 2021 16:02:44 +0900
Subject: [PATCH] Prohibit invalid encoding symbols [Bug #18184]

---
 marshal.c                 |  8 +++++++-
 test/ruby/test_marshal.rb | 10 +++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/marshal.c b/marshal.c
index 744267afaf..26ac51401f 100644
--- a/marshal.c
+++ b/marshal.c
@@ -1479,7 +1479,13 @@ r_symreal(struct load_arg *arg, int ivar)
 	    idx = sym2encidx(sym, r_object(arg));
 	}
     }
-    if (idx > 0) rb_enc_associate_index(s, idx);
+    if (idx > 0) {
+        rb_enc_associate_index(s, idx);
+        if (rb_enc_str_coderange(s) == ENC_CODERANGE_BROKEN) {
+            rb_raise(rb_eArgError, "invalid byte sequence in %s: %+"PRIsVALUE,
+                     rb_enc_name(rb_enc_from_index(idx)), s);
+        }
+    }
 
     return s;
 }
diff --git a/test/ruby/test_marshal.rb b/test/ruby/test_marshal.rb
index 9eea3c272e..58831f3709 100644
--- a/test/ruby/test_marshal.rb
+++ b/test/ruby/test_marshal.rb
@@ -814,9 +814,13 @@ class TestMarshal < Test::Unit::TestCase
     assert_raise(ArgumentError, /\(given 1, expected 0\)/) {
       ruby2_keywords_test(*[hash2])
     }
-    hash2 = Marshal.load(data.sub(/:\x06K(?=T\z)/, "I\\&\x06:\x0dencoding\"\x0dUTF-16LE"))
-    assert_raise(ArgumentError, /\(given 1, expected 0\)/) {
-      ruby2_keywords_test(*[hash2])
+  end
+
+  def test_invalid_byte_sequence_symbol
+    data = Marshal.dump(:K)
+    data = data.sub(/:\x06K/, "I\\&\x06:\x0dencoding\"\x0dUTF-16LE")
+    assert_raise(ArgumentError, /UTF-16LE: "\\x4B"/) {
+      Marshal.load(data)
     }
   end