From 82fdffc5ec0ecffc2e49128775d7c09ed43ba59d Mon Sep 17 00:00:00 2001 From: Alan Wu Date: Sun, 12 Apr 2020 15:19:06 -0400 Subject: [PATCH] Avoid UB with flexible array member Accessing past the end of an array is technically UB. Use C99 flexible array member instead to avoid the UB and simplify allocation size calculation. See also: DCL38-C in the SEI CERT C Coding Standard --- compile.c | 4 ++-- vm_callinfo.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/compile.c b/compile.c index bd249a57c0..d294faa7b4 100644 --- a/compile.c +++ b/compile.c @@ -3951,7 +3951,7 @@ compile_keyword_arg(rb_iseq_t *iseq, LINK_ANCHOR *const ret, { int len = (int)node->nd_alen / 2; struct rb_callinfo_kwarg *kw_arg = - rb_xmalloc_mul_add(len - 1, sizeof(VALUE), sizeof(struct rb_callinfo_kwarg)); + rb_xmalloc_mul_add(len, sizeof(VALUE), sizeof(struct rb_callinfo_kwarg)); VALUE *keywords = kw_arg->keywords; int i = 0; kw_arg->keyword_len = len; @@ -10394,7 +10394,7 @@ ibf_load_ci_entries(const struct ibf_load *load, struct rb_callinfo_kwarg *kwarg = NULL; int kwlen = (int)ibf_load_small_value(load, &reading_pos); if (kwlen > 0) { - kwarg = rb_xmalloc_mul_add(kwlen - 1, sizeof(VALUE), sizeof(struct rb_callinfo_kwarg));; + kwarg = rb_xmalloc_mul_add(kwlen, sizeof(VALUE), sizeof(struct rb_callinfo_kwarg)); kwarg->keyword_len = kwlen; for (int j=0; j