Restrict total recursion number of `ecall()`; fix #3789

author: Yukihiro "Matz" Matsumoto <[email protected]> 2018-11-20 09:14:34 +0900
committer: Yukihiro "Matz" Matsumoto <[email protected]> 2018-11-20 09:14:34 +0900
commit: 86d102350b4e68ae7ad4c1fef684f53a275790dc (patch)
tree: cc591acf8b03f0cc88c1893f61c15b12b7afbf93 /src/vm.c
parent: afd46eccd14e20a3898c81a3168ec764f1010bdf (diff)
download: mruby-86d102350b4e68ae7ad4c1fef684f53a275790dc.tar.gz
mruby-86d102350b4e68ae7ad4c1fef684f53a275790dc.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/src/vm.c b/src/vm.c
index 6bb9a48a5..84e076ee8 100644
--- a/src/vm.c
+++ b/src/vm.c
@@ -55,7 +55,7 @@ void abort(void);
 
 /* Maximum depth of ecall() recursion. */
 #ifndef MRB_ECALL_DEPTH_MAX
-#define MRB_ECALL_DEPTH_MAX 32
+#define MRB_ECALL_DEPTH_MAX 512
 #endif
 
 /* Maximum stack depth. Should be set lower on memory constrained systems.
@@ -337,7 +337,8 @@ ecall(mrb_state *mrb)
   int nregs;
 
   if (i<0) return;
-  if (ci - c->cibase > MRB_ECALL_DEPTH_MAX) {
+  /* restrict total call depth of ecall() */
+  if (++mrb->ecall_nest > MRB_ECALL_DEPTH_MAX) {
     mrb_exc_raise(mrb, mrb_obj_value(mrb->stack_err));
   }
   p = c->ensure[i];
@@ -372,6 +373,7 @@ ecall(mrb_state *mrb)
   c->ci = c->cibase + cioff;
   if (!mrb->exc) mrb->exc = exc;
   mrb_gc_arena_restore(mrb, ai);
+  mrb->ecall_nest--;
 }
 
 #ifndef MRB_FUNCALL_ARGC_MAX
author	Yukihiro "Matz" Matsumoto <[email protected]>	2018-11-20 09:14:34 +0900
committer	Yukihiro "Matz" Matsumoto <[email protected]>	2018-11-20 09:14:34 +0900
commit	86d102350b4e68ae7ad4c1fef684f53a275790dc (patch)
tree	cc591acf8b03f0cc88c1893f61c15b12b7afbf93 /src/vm.c
parent	afd46eccd14e20a3898c81a3168ec764f1010bdf (diff)
download	mruby-86d102350b4e68ae7ad4c1fef684f53a275790dc.tar.gz mruby-86d102350b4e68ae7ad4c1fef684f53a275790dc.zip