Headline
CVE-2022-0630: vm.c: should check type before hash access. · mruby/mruby@ff3a5eb
Out-of-bounds Read in Homebrew mruby prior to 3.2.
Permalink
Browse files
vm.c: should check type before hash access.
Since the operand of double splat (`**`) may not be a hash, simple assertion (previous code since d42a64e) was not enough for this case.
- Loading branch information
matz committed
Feb 15, 2022
1 parent ecb28f4 commit ff3a5ebed6ffbe3e70481531cfb969b497aa73ad
Showing with 1 addition and 1 deletion.
- +1 −1 src/vm.c
@@ -2766,7 +2766,7 @@ mrb_vm_exec(mrb_state *mrb, const struct RProc *proc, const mrb_code *pc)
int lim = a+b*2+1;
hash = regs[a];
mrb_assert(mrb_hash_p(hash));
mrb_ensure_hash_type(mrb, hash);
for (i=a+1; i<lim; i+=2) {
mrb_hash_set(mrb, hash, regs[i], regs[i+1]);
}
0 comments on commit ff3a5eb
Please sign in to comment.