From 2871d0cdc5e5ef952d27187b5488888bbd18c5b0 Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby.or.jp>
Date: Mon, 1 Apr 2019 14:13:06 +0900
Subject: Avoid keeping pointers from `mrb_sym2name_len()`; fix #4342

The addresses for packed inline symbols reference `mrb->symbuf` that
could be overridden by the later call of `mrb_sym2name_len`. Since
file names in call stack information are kept as symbols, keeping the
address in the C structures could cause problems like #4342.

This changes small incompatible changes in function prototypes:
* `mrb_parser_get_filename`: return value changed to `mrb_sym`.
* `mrb_debug_get_filename`: add `mrb_state*` as a first argument.
* `mrb_debug_get_line`: ditto.

I believe above functions are almost internal, and no third-party
mrbgem use them.
---
 src/debug.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

(limited to 'src/debug.c')

diff --git a/src/debug.c b/src/debug.c
index 2949131e4..0dc02a1e3 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -51,20 +51,20 @@ select_line_type(const uint16_t *lines, size_t lines_len)
 }
 
 MRB_API char const*
-mrb_debug_get_filename(mrb_irep *irep, ptrdiff_t pc)
+mrb_debug_get_filename(mrb_state *mrb, mrb_irep *irep, ptrdiff_t pc)
 {
   if (irep && pc >= 0 && pc < irep->ilen) {
     mrb_irep_debug_info_file* f = NULL;
     if (!irep->debug_info) return NULL;
     else if ((f = get_file(irep->debug_info, (uint32_t)pc))) {
-      return f->filename;
+      return mrb_sym2name_len(mrb, f->filename_sym, NULL);
     }
   }
   return NULL;
 }
 
 MRB_API int32_t
-mrb_debug_get_line(mrb_irep *irep, ptrdiff_t pc)
+mrb_debug_get_line(mrb_state *mrb, mrb_irep *irep, ptrdiff_t pc)
 {
   if (irep && pc >= 0 && pc < irep->ilen) {
     mrb_irep_debug_info_file* f = NULL;
@@ -129,7 +129,6 @@ mrb_debug_info_append_file(mrb_state *mrb, mrb_irep_debug_info *d,
   mrb_irep_debug_info_file *f;
   uint32_t file_pc_count;
   size_t fn_len;
-  mrb_int len;
   uint32_t i;
 
   if (!d) return NULL;
@@ -138,8 +137,10 @@ mrb_debug_info_append_file(mrb_state *mrb, mrb_irep_debug_info *d,
   mrb_assert(filename);
   mrb_assert(lines);
 
-  if (d->flen > 0 && strcmp(filename, d->files[d->flen - 1]->filename) == 0) {
-    return NULL;
+  if (d->flen > 0) {
+    const char *fn = mrb_sym2name_len(mrb, d->files[d->flen - 1]->filename_sym, NULL);
+    if (strcmp(filename, fn) == 0)
+      return NULL;
   }
 
   f = (mrb_irep_debug_info_file*)mrb_malloc(mrb, sizeof(*f));
@@ -156,8 +157,6 @@ mrb_debug_info_append_file(mrb_state *mrb, mrb_irep_debug_info *d,
 
   fn_len = strlen(filename);
   f->filename_sym = mrb_intern(mrb, filename, fn_len);
-  len = 0;
-  f->filename = mrb_sym2name_len(mrb, f->filename_sym, &len);
 
   f->line_type = select_line_type(lines + start_pos, end_pos - start_pos);
   f->lines.ptr = NULL;
-- 
cgit v1.2.3