Check slot_size before zeroing memory for GC hook

If slot_size < RVALUE_SIZE, the length computed for the memset would underflow.
Peter Zhu 2025-12-20 08:40:59 -05:00
parent 5cdda61d00
commit fe9a7448b1
Notes: git 2025-12-20 16:28:00 +00:00

5
gc.c

@ -1001,7 +1001,10 @@ newobj_of(rb_ractor_t *cr, VALUE klass, VALUE flags, shape_id_t shape_id, bool w
if (UNLIKELY(rb_gc_event_hook_required_p(RUBY_INTERNAL_EVENT_NEWOBJ))) {
int lev = RB_GC_VM_LOCK_NO_BARRIER();
{
memset((char *)obj + RVALUE_SIZE, 0, rb_gc_obj_slot_size(obj) - RVALUE_SIZE);
size_t slot_size = rb_gc_obj_slot_size(obj);
if (slot_size > RVALUE_SIZE) {
memset((char *)obj + RVALUE_SIZE, 0, slot_size - RVALUE_SIZE);
}
/* We must disable GC here because the callback could call xmalloc
* which could potentially trigger a GC, and a lot of code is unsafe