Fix use-after-move in Symbol#inspect

The allocation could re-embed `orig_str` and invalidate the data pointer from RSTRING_GETMEM() if the string is embedded. Found on CI, where the test introduced in 7002e776944 ("Fix Symbol#inspect for GC compaction") recently failed. See: <https://github.com/ruby/ruby/actions/runs/7880657560/job/21503019659>
2024-02-13 12:51:36 -05:00 · 2024-02-13 12:51:36 -05:00 · 6261d4b4d8
commit 6261d4b4d8
parent 5add999dee
1 changed files with 4 additions and 2 deletions
--- a/string.c
+++ b/string.c
@ -11740,11 +11740,13 @@ sym_inspect(VALUE sym)
    }
    else {
        rb_encoding *enc = STR_ENC_GET(str);
-
        VALUE orig_str = str;
-        RSTRING_GETMEM(orig_str, ptr, len);

+        len = RSTRING_LEN(orig_str);
        str = rb_enc_str_new(0, len + 1, enc);
+
+        // Get data pointer after allocation
+        ptr = RSTRING_PTR(orig_str);
        dest = RSTRING_PTR(str);
        memcpy(dest + 1, ptr, len);