From 0ceaa0960af0b0150bc16da3d10a5e1ab0d3053b Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby-lang.org>
Date: Fri, 22 Sep 2017 13:00:58 +0900
Subject: `OP_EPOP` operand may be bigger than `mrb->c->eidx`; fix #3810

---
 src/vm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/vm.c b/src/vm.c
index 941105212..3c74f265c 100644
--- a/src/vm.c
+++ b/src/vm.c
@@ -1327,7 +1327,9 @@ RETRY_TRY_BLOCK:
         NEXT;
       }
 
-      for (n=0; n<a && mrb->c->eidx > epos; n++) {
+      if (a > mrb->c->eidx - epos)
+        a = mrb->c->eidx - epos;
+      for (n=0; n<a; n++) {
         proc = mrb->c->ensure[epos+n];
         irep = proc->body.irep;
         ci = cipush(mrb);
-- 
cgit v1.2.3