authorMike Dalessio <mike.dalessio@gmail.com>2023-08-30 13:52:03 -0400
committergit <svn-admin@ruby-lang.org>2023-08-30 18:27:51 +0000
commitae7f9075592ea3570dfba831d086c423301fbcb7 (patch)
tree426512354e1c7a9c5a4895eddd6febe2d8ed6eb4
parent341f47a6dd3690754fe9660bc248875c7b810260 (diff)
[ruby/yarp] fix: heredoc with incomplete escape at end of file
Previously this resulted in invalid memory access. Found by the fuzzer. https://github.com/ruby/yarp/commit/ec4abd87f4
-rw-r--r--test/yarp/fuzzer_test.rb1
-rw-r--r--yarp/yarp.c6
2 files changed, 7 insertions, 0 deletions
diff --git a/test/yarp/fuzzer_test.rb b/test/yarp/fuzzer_test.rb
index 2d851ff886..6dfbf94f39 100644
--- a/test/yarp/fuzzer_test.rb
+++ b/test/yarp/fuzzer_test.rb
@@ -23,4 +23,5 @@ class FuzzerTest < Test::Unit::TestCase
snippet "incomplete hex number", "0x"
snippet "incomplete escaped list", "%w[\\"
snippet "incomplete escaped regex", "/a\\"
+ snippet "unterminated heredoc with unterminated escape at end of file", "<<A\n\\"
end
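Review bot: The added regression snippet pins only the bare `<<A` heredoc form. If `<<~A` and `<<-A` bodies are lexed through the same escape branch, adding `snippet "unterminated squiggly heredoc with unterminated escape at end of file", "<<~A\n\\"` and the `<<-A` equivalent would keep the new bound check covered for them too. Whether those forms share the branch is not visible on this page, so treat this as a coverage suggestion rather than a known gap. A one-byte read past the buffer may not crash an ordinary build, so this test is most useful when the suite also runs under a memory-checking build.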
diff --git a/yarp/yarp.c b/yarp/yarp.c
index 3fa143f31e..37d55cd467 100644
--- a/yarp/yarp.c
+++ b/yarp/yarp.c
@@ -7413,6 +7413,12 @@ parser_lex(yp_parser_t *parser) {
break;
}
case '\\': {
+ // Check that we're not at the end of the file.
+ if (breakpoint + 1 >= parser->end) {
+ breakpoint = NULL;
+ break;
+ }
+
// If we hit an escape, then we need to skip past
// however many characters the escape takes up. However
// it's important that if \n or \r\n are escaped that we
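Review bot: The comment on the new guard in `case '\\'` says what is checked but not why `breakpoint = NULL` is the right way out. I would extend it to something like `// A trailing backslash has no escaped byte to skip; clear breakpoint so the scan stops and the heredoc is treated as unterminated.` That wording assumes the enclosing loop terminates on a NULL `breakpoint`, which is outside the hunk and should be confirmed first. The comparison `breakpoint + 1 >= parser->end` is sound provided `breakpoint` is strictly below `parser->end` at this point, since the sum is then at most one past the end. parser_lex starts and ends outside the hunk, so the other `case '\\'` arms that advance past the byte after a backslash should be checked for the same bound.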