From 71641bbf732ab8cbadf8a07e20b2a939b0e3b82b Mon Sep 17 00:00:00 2001
From: Bouke van der Bijl <boukevanderbijl@gmail.com>
Date: Mon, 14 Nov 2016 17:28:18 -0500
Subject: Fix segfault caused by empty condition in ternary

Reported by https://hackerone.com/jpenalbae
---
 mrbgems/mruby-compiler/core/codegen.c | 4 ++++
 test/t/codegen.rb                     | 6 ++++++
 2 files changed, 10 insertions(+)
 create mode 100644 test/t/codegen.rb

diff --git a/mrbgems/mruby-compiler/core/codegen.c b/mrbgems/mruby-compiler/core/codegen.c
index 0c84dd558..71b1dcc6f 100644
--- a/mrbgems/mruby-compiler/core/codegen.c
+++ b/mrbgems/mruby-compiler/core/codegen.c
@@ -1362,6 +1362,10 @@ codegen(codegen_scope *s, node *tree, int val)
       int pos1, pos2;
       node *e = tree->cdr->cdr->car;
 
+      if (!tree->car) {
+        codegen(s, e, val);
+        return;
+      }
       switch ((intptr_t)tree->car->car) {
       case NODE_TRUE:
       case NODE_INT:
diff --git a/test/t/codegen.rb b/test/t/codegen.rb
new file mode 100644
index 000000000..99d6dbe66
--- /dev/null
+++ b/test/t/codegen.rb
@@ -0,0 +1,6 @@
+##
+# Codegen tests
+
+assert('empty condition in ternary expression parses correctly') do
+  assert_equal () ? 1 : 2, 2
+end
-- 
cgit v1.2.3