From f76cc483d55b58f2b5803b13cb5e528a67b39c3b Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby.or.jp>
Date: Wed, 29 Aug 2018 23:59:20 +0900
Subject: Fix off-by-one error in `OP_EPUSH` and `OP_ONERR`; fix #4095

---
 src/vm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/vm.c b/src/vm.c
index 45d2b5881..2fd1e5efa 100644
--- a/src/vm.c
+++ b/src/vm.c
@@ -1240,7 +1240,7 @@ RETRY_TRY_BLOCK:
 
     CASE(OP_ONERR, S) {
       /* check rescue stack */
-      if (mrb->c->ci->ridx == UINT16_MAX) {
+      if (mrb->c->ci->ridx == UINT16_MAX-1) {
         mrb_value exc = mrb_exc_new_str_lit(mrb, E_RUNTIME_ERROR, "too many nested rescues");
         mrb_exc_set(mrb, exc);
         goto L_RAISE;
@@ -1306,7 +1306,7 @@ RETRY_TRY_BLOCK:
 
       p = mrb_closure_new(mrb, irep->reps[a]);
       /* check ensure stack */
-      if (mrb->c->eidx == UINT16_MAX) {
+      if (mrb->c->eidx == UINT16_MAX-1) {
         mrb_value exc = mrb_exc_new_str_lit(mrb, E_RUNTIME_ERROR, "too many nested ensures");
         mrb_exc_set(mrb, exc);
         goto L_RAISE;
-- 
cgit v1.2.3