vm.c: create break object before clearing GC arena.
Otherwise it possibly causes a use-after-free.
matz committed Apr 4, 2022
1 parent 8aec568 commit 3cf291f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/vm.c
Expand Up @@ -2268,9 +2268,9 @@ mrb_vm_exec(mrb_state *mrb, const struct RProc *proc, const mrb_code *pc)
}
if (ci->cci > CINFO_NONE) {
ci = cipop(mrb);
mrb->exc = (struct RObject*)break_new(mrb, RBREAK_TAG_BREAK, proc, v);
mrb_gc_arena_restore(mrb, ai);
mrb->c->vmexec = FALSE;
mrb->exc = (struct RObject*)break_new(mrb, RBREAK_TAG_BREAK, proc, v);
mrb->jmp = prev_jmp;
MRB_THROW(prev_jmp);
}
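Review bot: The order of `break_new(mrb, RBREAK_TAG_BREAK, proc, v)` relative to `mrb_gc_arena_restore(mrb, ai)` is now what prevents the use-after-free named in the commit message, but nothing in the hunk records that. A one-line comment above the `break_new` call, saying that the break object must be created while the arena still protects what it references (here `v`), would stop a later cleanup from moving the assignment back down next to `mrb->jmp = prev_jmp;`. The commit touches only src/vm.c, so no regression test comes with it; a test that drives this `ci->cci > CINFO_NONE` break path with the GC forced to run on allocation would catch a reordering. It is also worth checking the rest of `mrb_vm_exec` for other places where an allocation follows an arena restore and still uses a value that was only held by the arena.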