From bd0268372e09eb45d088c44a534a5302bdca9796 Mon Sep 17 00:00:00 2001
From: Mike Dalessio
Date: Tue, 29 Aug 2023 17:01:09 -0400
Subject: [ruby/yarp] fix: trailing comment at end of file

Previously this resulted in invalid memory access. Found by the fuzzer.
https://github.com/ruby/yarp/commit/a1c9404906
---
 test/yarp/fuzzer_test.rb | 1 +
 yarp/yarp.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/yarp/fuzzer_test.rb b/test/yarp/fuzzer_test.rb
index e2aa9dab61..8da1a2dc76 100644
--- a/test/yarp/fuzzer_test.rb
+++ b/test/yarp/fuzzer_test.rb
@@ -15,4 +15,5 @@ class FuzzerTest < Test::Unit::TestCase
 snippet "incomplete global variable", "$"
 snippet "incomplete symbol", ":"
 snippet "incomplete escaped string", '"\\'
+ snippet "trailing comment", "1\n#\n"
 end
diff --git a/yarp/yarp.c b/yarp/yarp.c
index 91c814af9a..ce991003f1 100644
--- a/yarp/yarp.c
+++ b/yarp/yarp.c
@@ -5908,7 +5908,7 @@ parser_lex(yp_parser_t *parser) {
 // Here we look for a "." or "&." following a "\n".
 const char *following = next_newline(next_content, parser->end - next_content);
- while (following && (following < parser->end)) {
+ while (following && (following + 1 < parser->end)) {
 following++;
 following += yp_strspn_inline_whitespace(following, parser->end - following);
-- 
cgit v1.2.3
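Review bot: The added `snippet "trailing comment", "1\n#\n"` case may not catch a regression in an ordinary build, because an out-of-bounds read near the end of a buffer often does not crash unless the suite runs under a memory checker. The `snippet` helper is defined outside this hunk, so what it asserts is not visible here. If it only parses the input, a comment above the list would help, for example `# These inputs came from the fuzzer; run under ASan or Valgrind to detect over-reads, since a plain run can pass while the parser still reads out of bounds`.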
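Review bot: The new `following + 1 < parser->end` guard keeps the `following++` in range, but the next statement advances `following` again by `yp_strspn_inline_whitespace(following, parser->end - following)`, which by its length argument can stop exactly at `parser->end`. The loop body continues outside the hunk, so it is not visible whether the next step dereferences `following`. If it does, a file ending in a comment line followed by inline whitespace would presumably still read past the buffer. Consider adding `if (following >= parser->end) break;` right after the whitespace skip, with a matching fuzzer snippet. A short comment on the `while` condition explaining that the `+ 1` accounts for the increment at the top of the body would also help.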