| Age | Commit message (Collapse) | Author |
|---|
|
[Bug #21380] Prohibit modification in String#split block
Reported at https://hackerone.com/reports/3163876
|
|
YJIT: End the block after OPTIMIZE_METHOD_TYPE_CALL (#13245)
|
|
[Bug #21357] Fix crash in Hash#merge with block
Prior to https://github.com/ruby/ruby/commit/49b306ecb9e2e9e06e0b1590bacc5f4b38169c3c
the `optional_arg` passed from `rb_hash_update_block_i` to `tbl_update`
was a hash value (i.e. a VALUE). After that commit it changed to an
`update_call_args`.
If the block sets or changes the value, `tbl_update_modify` will set the
`arg.value` back to an actual value and we won't crash. But in the case
where the block returns the original value we end up calling
`RB_OBJ_WRITTEN` with the `update_call_args` which is not expected and
may crash.
`arg.value` appears to only be used to pass to `RB_OBJ_WRITTEN` (others
who need the `update_call_args` get it from `arg.arg`), so I don't think
it needs to be set to anything upfront. And `tbl_update_modify` will set
the `arg.value` in the cases we need the write barrier.
|
|
[Bug #21333] Prohibit hash modification inside Hash#update block
|
|
Fix Exception#detailed_message for GC compaction
Before this commit, the test fails with RGENGC_CHECK_MODE enabled:
TestException#test_detailed_message_under_gc_compact_stress [test/ruby/test_exception.rb:1466]:
<"\e[1mfoo (\e[1;4mRuntimeError\e[m\e[1m)\e[m\n" +
"\e[1mbar\e[m\n" +
"\e[1mbaz\e[m"> expected but was
<"\e[1mfoo (\e[1;4mRuntimeError\e[m\e[1m)\e[m\n" +
"\e[1m\x00\x00\x00\x00\x00\x00\x00\e[m">.
|
|
[Bug #21331] Prohibit hash modification during stlike loop
|
|
Fix coverage measurement for negative line numbers
Fixes [Bug #21220]
Co-Authored-By: Mike Bourgeous <[email protected]>
Co-Authored-By: Jean Boussier <[email protected]>
|
|
Fix `Integer.sqrt` to never exceed actual value
`Integer.sqrt` uses `sqrt(3)` from libm for small values.
This method must return a value less than or equal to the actual integer
square root, but libm's sqrt does not always guarantee that.
This change corrects that by decrementing the result if necessary.
Fixes [Bug #21217]
|
|
This is follow-up for 7c315e23983a35d29108d9ba8c914d6320254d43.
|
|
|
|
https://rubyci.s3.amazonaws.com/s390x/ruby-master/log/20250403T060004Z.fail.html.gz
|
|
https://rubyci.s3.amazonaws.com/s390x/ruby-3.2/log/20250403T005659Z.fail.html.gz
|
|
[Bug #20984] Fix test with locale encoding
|
|
https://github.com/rubygems/rubygems/commit/3e77caeddf
|
|
Fix handling of `error`/`errno` in `io_internal_wait`. (#12961)
[Bug #21195]
|
|
[Bug #21094] Update nested module names when setting temporary name
|
|
[Bug #21186] multibyte char literal should be a single letter word
|
|
[Bug #19841] Refine error on marshaling recursive USERDEF
|
|
Ensure IO.copy_stream buffer is an independent string
Otherwise, changes to the buffer by the destination write method
could result in data changing for supposedly independent strings.
Fixes [Bug #21131]
|
|
Push a real iseq in rb_vm_push_frame_fname()
Previously, vm_make_env_each() (used during proc
creation and for the debug inspector C API) picked up the
non-GC-allocated iseq that rb_vm_push_frame_fname() creates,
which led to a SEGV when the GC tried to mark the non GC object.
Put a real iseq imemo instead. Speed should be about the same since
the old code also did a imemo allocation and a malloc allocation.
Real iseq allows ironing out the special-casing of dummy frames in
rb_execution_context_mark() and rb_execution_context_update(). A check
is added to RubyVM::ISeq#eval, though, to stop attempts to run dummy
iseqs.
[Bug #21180]
Co-authored-by: Aaron Patterson <[email protected]>
|
|
[Bug #21159] module names should not be modifiable
|
|
[Bug #21170]
st_table reserves -1 as a special hash value to indicate that an entry
has been deleted. So that that's a valid value to be returned from the
hash function, do_hash replaces -1 with 0 so that it is not mistaken for
the sentinel.
Previously, when upgrading an AR table to an ST table,
rb_st_add_direct_with_hash was used which did not perform the same
conversion, this could lead to a hash in a broken state where one if its
entries which was supposed to exist being marked as a tombstone.
The hash could then become further corrupted when the ST table required
resizing as the falsely tombstoned entry would be skipped but it would
be counted in num entries, leading to an uninitialized entry at index
15.
In most cases this will be really rare, unless using a very poorly
implemented custom hash function.
This also adds two debug assertions, one that st_add_direct_with_hash
does not receive the reserved hash value, and a second in
rebuild_table_with, which ensures that after we rebuild/compact a table
it contains the expected number of elements.
Co-authored-by: Alan Wu <[email protected]>
|
|
|
|
|
|
[Bug #21008] Normalize before sum to float
After switching to `Float`-mode when summing `Numeric` objects,
normalization for `Float` is still needed.
|
|
[Bug #20995] Protect `IO.popen` block from exiting by exception
|
|
[Bug #20984] ENV.inspect should be encoding aware
|
|
Avoid opt_aset_with optimization inside multiple assignment
Previously, since the opt_aset_with optimization was introduced,
use of the opt_aset_with optimization inside multiple assignment
would result in a segfault or incorrect instructions.
Fixes [Bug #21012]
Co-authored-by: Nobuyoshi Nakada <[email protected]>
|
|
Fix use-after-free in ep in Proc#dup for ifunc procs
[Bug #20950]
ifunc proc has the ep allocated in the cfunc_proc_t which is the data of
the TypedData object. If an ifunc proc is duplicated, the ep points to
the ep of the source object. If the source object is freed, then the ep
of the duplicated object now points to a freed memory region. If we try
to use the ep we could crash.
For example, the following script crashes:
p = { a: 1 }.to_proc
100.times do
p = p.dup
GC.start
p.call
rescue ArgumentError
end
This commit changes ifunc proc to also duplicate the ep when it is duplicated.
|
|
[Bug #20924] Fix reading with delimiter in wide character encodings
|
|
[Bug #20915] Fix SEGV with `TracePoint#parameters` and aliased C method
The following snippet results with a SEGV:
```ruby
C = Class.new do
alias_method :new_to_s, :to_s
end
TracePoint.new(:c_call, &:parameters).enable { C.new.new_to_s }
```
at MRI 3.3.6 and ruby 3.4.0dev
The root cause of the issue lies in the `rb_tracearg_parameters` function
within the `RUBY_EVENT_C_RETURN` branch. Specifically, when the invoked
method is an alias for a C function,
`rb_method_entry_without_refinements(..., trace_arg->called_id, ...)`
may return NULL. In that case we can fallback to `trace_arg->id`.
|
|
6b4f8945d600168bf530d21395da8293fbd5e8ba: [Backport #20909]
Check negative integer underflow
Many of Oniguruma functions need valid encoding strings
|
|
Fix a bug in rb_include_module that stops nested inclusion into module subclasses
This bug was present since the code was originally added by me
in 3556a834a2847e52162d1d3302d4c64390df1694.
Fixes [Bug #20871]
|
|
Ensure fiber scheduler re-acquires mutex when interrupted from sleep. (#12158)
[Bug #20907]
|
|
[Bug #20873] Consider `-FIXNUM_MIN` overflow
`-FIXNUM_MIN` is usually greater than `FIXNUM_MAX` on platforms using
two's complement representation.
|
|
[Bug #20868] Fix Method#hash to not change after compaction
The hash value of a Method must remain constant after a compaction, otherwise
it may not work as the key in a hash table.
For example:
def a; end
# Need this method here because otherwise the iseq may be on the C stack
# which would get pinned and not move during compaction
def get_hash
method(:a).hash
end
puts get_hash # => 2993401401091578131
GC.verify_compaction_references(expand_heap: true, toward: :empty)
puts get_hash # => -2162775864511574135
|
|
[Bug #20787] Check the separator in `IO#readline` as well as 3.2
|
|
This reverts commit f72eb702f29574b85889d3ea6447efa29c8a8789.
|
|
https://github.com/ruby/net-http/commit/5544243c41
|
|
RFC 2986, section 4.1 only defines version 1 for CSRs. This version
is encoded as a 0. Starting with OpenSSL 3.3, setting the CSR version
to anything but 1 fails.
Do not attempt to generate a CSR with invalid version (which now fails)
and invalidate the CSR in test_sign_and_verify_rsa_sha1 by changing its
subject rather than using an invalid version.
This commit fixes the following error.
```
2) Error: test_version(OpenSSL::TestX509Request): OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `version='
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `issue_csr'
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:43:in
`test_version'
40: req = OpenSSL::X509::Request.new(req.to_der)
41: assert_equal(0, req.version)
42:
=> 43: req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))
44: assert_equal(1, req.version)
45: req = OpenSSL::X509::Request.new(req.to_der)
46: assert_equal(1, req.version)
```
https://github.com/ruby/openssl/commit/c06fdeb091
|
|
ObjectSpace.dump: handle Module#set_temporary_name
[Bug #20892]
Until the introduction of that method, it was impossible for a
Module name not to be valid JSON, hence it wasn't going through
the slower escaping function.
This assumption no longer hold.
Co-authored-by: Jean Boussier <[email protected]>
|
|
Fix regex timeout double-free after stack_double
As of 10574857ce167869524b97ee862b610928f6272f, it's possible to crash
on a double free due to `stk_alloc` AKA `msa->stack_p` being freed
twice, once at the end of match_at and a second time in `FREE_MATCH_ARG`
in the parent caller.
Fixes [Bug #20886]
|
|
Fix update_coderange for binary strings
Although a binary (aka ASCII-8BIT) string will never have a broken
coderange, it still has to differentiate between "valid" and "7bit".
On Ruby 3.4/trunk this problem is masked because we now clear the
coderange more agressively in rb_str_resize, and we happened to always
be strinking this string, but we should not assume that.
On Ruby 3.3 this created strings where `ascii_only?` was true in cases
it shouldn't be as well as other problems.
Fixes [Bug #20883]
Co-authored-by: Daniel Colson <[email protected]>
Co-authored-by: Matthew Draper <[email protected]>
|
|
These test failures first appeared on irrelevant changes. It probably
came from changes in GitHub Actions instead of CRuby's.
Until we figure out how to fix these tests, let's skip them to make the
CI usable.
|
|
[Bug #20853] Fix Proc#hash to not change after compaction
The hash value of a Proc must remain constant after a compaction, otherwise
it may not work as the key in a hash table.
|
|
Fix method caching bug when including/prepend module A that prepends module B
Fix by always adding the generated iclass to the subclasses list,
otherwise the method cache for the iclass is not cleared when
the method in the module is overwritten.
Fixes [Bug #20716]
|
|
[Bug #20755] Frozen string should not be writable via IO::Buffer
|
|
[Bug #20752] Slice of readonly `IO::Buffer` also should be readonly
|
|
[Bug #20719] `Float` argument must be ASCII compatible
|
|
[Bug #20704] Win32: Fix chdir to non-ASCII path
On Windows, `chdir` in compilers' runtime libraries uses the active
code page, but command line arguments in ruby are always UTF-8, since
commit:33ea2646b98adb49ae2e1781753bf22d33729ac0.
|
