From ff9582833d92521e2c724ca944c618974b0608d8 Mon Sep 17 00:00:00 2001 From: Tatsuhiko Kubo Date: Tue, 19 Aug 2014 17:34:19 +0900 Subject: Fix error hanldlings in read_irep_record(). read_irep_record_1() and read_irep_record() may return NULL. --- src/load.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src') diff --git a/src/load.c b/src/load.c index 0a1436c77..9e8325022 100644 --- a/src/load.c +++ b/src/load.c @@ -164,11 +164,18 @@ read_irep_record(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool alloc mrb_irep *irep = read_irep_record_1(mrb, bin, len, alloc); size_t i; + if (irep == NULL) { + return NULL; + } + bin += *len; for (i=0; irlen; i++) { size_t rlen; irep->reps[i] = read_irep_record(mrb, bin, &rlen, alloc); + if (irep->reps[i] == NULL) { + return NULL; + } bin += rlen; *len += rlen; } -- cgit v1.2.3 From ae306793f231309c12661b111535de6613d5a774 Mon Sep 17 00:00:00 2001 From: Tatsuhiko Kubo Date: Wed, 20 Aug 2014 04:34:03 +0900 Subject: Use specified macro(NULL) instead of magic-number. --- src/class.c | 6 +++--- src/codegen.c | 2 +- src/parse.y | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/class.c b/src/class.c index 5ea1f329f..2fa02fa87 100644 --- a/src/class.c +++ b/src/class.c @@ -128,7 +128,7 @@ mrb_class_outer_module(mrb_state *mrb, struct RClass *c) mrb_value outer; outer = mrb_obj_iv_get(mrb, (struct RObject*)c, mrb_intern_lit(mrb, "__outer__")); - if (mrb_nil_p(outer)) return 0; + if (mrb_nil_p(outer)) return NULL; return mrb_class_ptr(outer); } @@ -1030,7 +1030,7 @@ mrb_method_search_vm(mrb_state *mrb, struct RClass **cp, mrb_sym mid) } c = c->super; } - return 0; /* no method */ + return NULL; /* no method */ } MRB_API struct RProc* @@ -1295,7 +1295,7 @@ MRB_API struct RClass * mrb_class_real(struct RClass* cl) { if (cl == 0) - return 0; + return NULL; while ((cl->tt == MRB_TT_SCLASS) || (cl->tt == MRB_TT_ICLASS)) { cl = cl->super; } 
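Review bot: The second added check in read_irep_record returns NULL from inside the loop without releasing `irep` or the child records already stored in `irep->reps[0]` through `irep->reps[i-1]`, so a truncated or malformed record appears to leak everything parsed up to that point. The allocation happens in read_irep_record_1, outside this hunk, so this holds only if nothing else owns the irep at that moment. Either release the partial tree before returning, or state the ownership next to the check, e.g. `/* partially built irep is reclaimed by <owner> */` (placeholder, to be filled in by the author). The function body continues outside the hunk.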
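Review bot: In the mrb_class_real hunk the guard still reads `if (cl == 0)` while the return directly beneath it now uses NULL, so the pointer test and the pointer result are spelled differently on adjacent lines. For consistency with the rest of this commit, write `if (cl == NULL)`.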
diff --git a/src/codegen.c b/src/codegen.c index 7ff911758..268ecf1e8 100644 --- a/src/codegen.c +++ b/src/codegen.c @@ -2470,7 +2470,7 @@ scope_new(mrb_state *mrb, codegen_scope *prev, node *lv) mrb_pool *pool = mrb_pool_open(mrb); codegen_scope *p = (codegen_scope *)mrb_pool_alloc(pool, sizeof(codegen_scope)); - if (!p) return 0; + if (!p) return NULL; *p = codegen_scope_zero; p->mrb = mrb; p->mpool = pool; diff --git a/src/parse.y b/src/parse.y index 633d92ad3..03333e808 100644 --- a/src/parse.y +++ b/src/parse.y @@ -5365,9 +5365,9 @@ mrb_parser_new(mrb_state *mrb) static const parser_state parser_state_zero = { 0 }; pool = mrb_pool_open(mrb); - if (!pool) return 0; + if (!pool) return NULL; p = (parser_state *)mrb_pool_alloc(pool, sizeof(parser_state)); - if (!p) return 0; + if (!p) return NULL; *p = parser_state_zero; p->mrb = mrb; @@ -5483,7 +5483,7 @@ mrb_parse_file(mrb_state *mrb, FILE *f, mrbc_context *c) parser_state *p; p = mrb_parser_new(mrb); - if (!p) return 0; + if (!p) return NULL; p->s = p->send = NULL; p->f = f; @@ -5498,7 +5498,7 @@ mrb_parse_nstring(mrb_state *mrb, const char *s, int len, mrbc_context *c) parser_state *p; p = mrb_parser_new(mrb); - if (!p) return 0; + if (!p) return NULL; p->s = s; p->send = s + len; -- cgit v1.2.3 From 5ee00453e00d69c17a8c92db56e61ec042665cb0 Mon Sep 17 00:00:00 2001 From: Tatsuhiko Kubo Date: Wed, 20 Aug 2014 05:07:40 +0900 Subject: Fix error handling for mrb_pool_realloc(). mrb_pool_alloc() may return NULL. --- src/pool.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src') diff --git a/src/pool.c b/src/pool.c index 4d8c42dd1..ffddd2552 100644 --- a/src/pool.c +++ b/src/pool.c @@ -166,6 +166,9 @@ mrb_pool_realloc(mrb_pool *pool, void *p, size_t oldlen, size_t newlen) page = page->next; } np = mrb_pool_alloc(pool, newlen); + if (np == NULL) { + return NULL; + } memcpy(np, p, oldlen); return np; } -- cgit v1.2.3 From 53a7549e1c0dd9a189ac40804b2f5f3e600c9e76 Mon Sep 17 00:00:00 2001 
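Review bot: In scope_new the result of mrb_pool_open() is passed to mrb_pool_alloc() without a check, and the `if (!p) return NULL;` path returns without closing the pool it just opened, so an allocation failure leaks the pool. Consider `if (!p) { mrb_pool_close(pool); return NULL; }`, preceded by a NULL check on `pool` like the one mrb_parser_new has. The `if (!p) return NULL;` line in the mrb_parser_new hunk of src/parse.y returns with its pool still open in the same way. Both function bodies continue outside their hunks.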
From: Tatsuhiko Kubo Date: Wed, 20 Aug 2014 05:15:21 +0900 Subject: Fix error handling for mrb_open_allocf(). When DISABLE_GEMS is not defined and a return value of mrb_open_core() is NULL, mrb_open_allocf() may cause SEGV. --- src/state.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src') diff --git a/src/state.c b/src/state.c index 9c16524f2..8d6993b6f 100644 --- a/src/state.c +++ b/src/state.c @@ -110,6 +110,10 @@ mrb_open_allocf(mrb_allocf f, void *ud) { mrb_state *mrb = mrb_open_core(f, ud); + if (mrb == NULL) { + return NULL; + } + #ifndef DISABLE_GEMS mrb_init_mrbgems(mrb); mrb_gc_arena_restore(mrb, 0); -- cgit v1.2.3 From ae2d49811a51e38106f34858fd3f4ce24af320c2 Mon Sep 17 00:00:00 2001 From: Tatsuhiko Kubo Date: Wed, 20 Aug 2014 12:23:26 +0900 Subject: Fix allocation-error-handlings for scope_new(). --- src/codegen.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src') diff --git a/src/codegen.c b/src/codegen.c index 268ecf1e8..6e81a51bf 100644 --- a/src/codegen.c +++ b/src/codegen.c @@ -85,6 +85,7 @@ static void gen_assignment(codegen_scope *s, node *node, int sp, int val); static void gen_vmassignment(codegen_scope *s, node *tree, int rhs, int val); static void codegen(codegen_scope *s, node *tree, int val); +static void raise_error(codegen_scope *s, const char *msg); static void codegen_error(codegen_scope *s, const char *message) @@ -552,6 +553,10 @@ for_body(codegen_scope *s, node *tree) codegen(s, tree->cdr->car, VAL); /* generate loop-block */ s = scope_new(s->mrb, s, NULL); + if (s == NULL) { + raise_error(s, "unexpected scope"); + } + push(); /* push for a block parameter */ lp = loop_push(s, LOOP_FOR); @@ -589,6 +594,10 @@ lambda_body(codegen_scope *s, node *tree, int blk) mrb_code c; codegen_scope *parent = s; s = scope_new(s->mrb, s, tree->car); + if (s == NULL) { + raise_error(s, "unexpected scope"); + } + s->mscope = !blk; if (blk) { 
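Review bot: After the added `raise_error(s, "unexpected scope");` in for_body, execution falls through to `push()` and `loop_push(s, LOOP_FOR)` with `s` still NULL. Unless raise_error never returns (its body is not in this diff), the allocation failure still ends in a NULL dereference. The same fall-through reaches `s->mscope = !blk` in lambda_body and `codegen(scope, tree->cdr, VAL)` in scope_body. In for_body and lambda_body the pointer handed to raise_error is the NULL that was just tested; the follow-up commit on this page changes that argument but keeps the fall-through. Each `if` block should leave the function after reporting, either through an error call that does not return or an explicit return, and a comment such as `/* scope_new() failed: allocation error, do not touch s below */` would make that intent visible.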
@@ -674,6 +683,9 @@ static int scope_body(codegen_scope *s, node *tree, int val) { codegen_scope *scope = scope_new(s->mrb, s, tree->car); + if (scope == NULL) { + raise_error(s, "unexpected scope"); + } codegen(scope, tree->cdr, VAL); if (!s->iseq) { -- cgit v1.2.3 From 05ede52239fce58b6a8be4b72d51db10ae1c2632 Mon Sep 17 00:00:00 2001 From: "Yukihiro \"Matz\" Matsumoto" Date: Wed, 20 Aug 2014 23:38:37 +0900 Subject: should use non NULL scope for raise_error(); ref #2547 --- src/codegen.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/codegen.c b/src/codegen.c index 6e81a51bf..48ab63de0 100644 --- a/src/codegen.c +++ b/src/codegen.c @@ -554,7 +554,7 @@ for_body(codegen_scope *s, node *tree) /* generate loop-block */ s = scope_new(s->mrb, s, NULL); if (s == NULL) { - raise_error(s, "unexpected scope"); + raise_error(prev, "unexpected scope"); } push(); /* push for a block parameter */ @@ -595,7 +595,7 @@ lambda_body(codegen_scope *s, node *tree, int blk) codegen_scope *parent = s; s = scope_new(s->mrb, s, tree->car); if (s == NULL) { - raise_error(s, "unexpected scope"); + raise_error(parent, "unexpected scope"); } s->mscope = !blk; -- cgit v1.2.3