From: v.ondruch@...
Date: 2018-01-09T09:19:32+00:00
Subject: [ruby-core:84761] [Ruby trunk Bug#14261] invalid syntax segfaults:	"x, true"

Issue #14261 has been updated by vo.x (Vit Ondruch).


Thanks. Unfortunately, I cannot easily apply the patch into the tarball :/

----------------------------------------
Bug #14261: invalid syntax segfaults: "x, true"
https://bugs.ruby-lang.org/issues/14261#change-69478

* Author: normalperson (Eric Wong)
* Status: Closed
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 
* Backport: 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: REQUIRED
----------------------------------------
The `item' arg passed to list_append_gen is NULL, so it segfaults.
It happens on both x86 (32-bit) and x86-64 Linux.
I'm not familiar with the parser, so I will let a parser expert fix this.

```
./miniruby -e "x, true"

-e:1: Can't assign to true
x, true
       ^
./miniruby: [BUG] Segmentation fault at 0x00000010
ruby 2.6.0dev (2017-12-31 trunk 61519) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0001 p:0000 s:0003 E:001f48 (none) [FINISH]


-- Machine register context ------------------------------------------------
  GS: 0x00000063  FS: 0x00000000  ES: 0x0000002b  DS: 0x0000002b EDI: 0x56f02758
 ESI: 0x56f02778 EBP: 0x00000000 ESP: 0xff9cc640 EBX: 0x569dbb94 EDX: 0x00000000
 ECX: 0x00000003 EAX: 0x56f02778 TRA: 0x0000000e ERR: 0x00000004 EIP: 0x567703a4
  CS: 0x00000023 EFL: 0x00010206 UES: 0xff9cc640  SS: 0x0000002b

-- C level backtrace information -------------------------------------------
/path/to/ruby/miniruby(rb_vm_bugreport+0x4b0) [0x56880660] vm_dump.c:703
/path/to/ruby/miniruby(rb_bug_context+0x62) [0x566e7782] error.c:580
/path/to/ruby/miniruby(sigsegv+0x49) [0x567e9559] signal.c:928
linux-gate.so.1(0xf777ecc0) [0xf777ecc0]
/path/to/ruby/miniruby(list_append_gen+0x74) [0x567703a4] parse.y:8957
/path/to/ruby/miniruby(ruby_yyparse+0x12a3e) [0x5678d4ae] parse.y:1807
/path/to/ruby/miniruby(yycompile0+0xf7) [0x5678d607] parse.y:5595
/path/to/ruby/miniruby(rb_suppress_tracing+0xcf) [0x5688440f] vm_trace.c:397
/path/to/ruby/miniruby(rb_parser_compile_string+0xde) [0x56775cae] parse.y:5637
/path/to/ruby/miniruby(process_options+0x9e1) [0x567e7e61] ruby.c:1677
/path/to/ruby/miniruby(ruby_process_options+0x132) [0x567e8c42] ruby.c:2257
/path/to/ruby/miniruby(ruby_options+0xa7) [0x566f14d7] eval.c:105
/path/to/ruby/miniruby(main+0x6c) [0x5666d5bc] ./main.c:42
```




-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>