From d5cca2bdb2a0352e3253cf3ba2a79157dde5f163 Mon Sep 17 00:00:00 2001
From: "Yukihiro \"Matz\" Matsumoto" <matz@ruby.or.jp>
Date: Thu, 28 May 2020 18:43:20 +0900
Subject: Check `c->eidx` before decrement in `ecall()`; close #4977

---
 src/vm.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/vm.c b/src/vm.c
index bd54f3f00..a280026f8 100644
--- a/src/vm.c
+++ b/src/vm.c
@@ -336,10 +336,12 @@ ecall(mrb_state *mrb)
   struct REnv *env;
   ptrdiff_t cioff;
   int ai = mrb_gc_arena_save(mrb);
-  uint16_t i = --c->eidx;
+  uint16_t i;
   int nregs;
 
-  if (i<0) return;
+  if (c->eidx == 0) return;
+  i = --c->eidx;
+
   /* restrict total call depth of ecall() */
   if (++mrb->ecall_nest > MRB_ECALL_DEPTH_MAX) {
     mrb_exc_raise(mrb, mrb_obj_value(mrb->stack_err));
-- 
cgit v1.2.3