diff options
| author | Jeremy Evans <[email protected]> | 2020-08-21 12:52:02 -0700 |
|---|---|---|
| committer | Jeremy Evans <[email protected]> | 2020-08-21 14:52:30 -0700 |
| commit | a0273d67d044dc9fe25313e0854a33374b990e8a (patch) | |
| tree | f4099c2262ec0a2be1d707260f61d840f7b82410 /vm_core.h | |
| parent | ea4ccc09923c56783df8789b0813f7fee7a560c6 (diff) | |
Avoid a use after free in VM assertion
If the thread for the current EC has been killed, don't check
the VM ptr for the EC (which gets it via the thread), as that will
have already been freed.
Fixes [Bug #16907]
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/3443
Diffstat (limited to 'vm_core.h')
| -rw-r--r-- | vm_core.h | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -1754,6 +1754,7 @@ rb_current_vm(void) VM_ASSERT(ruby_current_vm_ptr == NULL || ruby_current_execution_context_ptr == NULL || rb_ec_thread_ptr(GET_EC()) == NULL || + rb_ec_thread_ptr(GET_EC())->status == THREAD_KILLED || rb_ec_vm_ptr(GET_EC()) == ruby_current_vm_ptr); return ruby_current_vm_ptr; } |