From f723832ebc6b3fef41ca4e81a172cb2d8f27b7de Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby.or.jp>
Date: Wed, 8 Nov 2017 08:46:08 +0900
Subject: Should allocate memory region before updating `len`; fix #3842

Otherwise half-baked string object will be allocated.
---
 src/string.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/string.c b/src/string.c
index 8f0db681c..da475839c 100644
--- a/src/string.c
+++ b/src/string.c
@@ -70,9 +70,9 @@ str_new(mrb_state *mrb, const char *p, size_t len)
     if (len >= MRB_INT_MAX) {
       mrb_raise(mrb, E_ARGUMENT_ERROR, "string size too big");
     }
+    s->as.heap.ptr = (char *)mrb_malloc(mrb, len+1);
     s->as.heap.len = (mrb_int)len;
     s->as.heap.aux.capa = (mrb_int)len;
-    s->as.heap.ptr = (char *)mrb_malloc(mrb, len+1);
     if (p) {
       memcpy(s->as.heap.ptr, p, len);
     }
-- 
cgit v1.2.3