From 5a665f6ce796730b9b81a27e418fdba49b5f83b7 Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Sat, 3 Oct 2020 00:11:03 +0900
Subject: Check builtin inline function index overflow

---
 compile.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'compile.c')

diff --git a/compile.c b/compile.c
index 7053837bb6..c378c170d1 100644
--- a/compile.c
+++ b/compile.c
@@ -7294,7 +7294,7 @@ compile_call(rb_iseq_t *iseq, LINK_ANCHOR *const ret, const NODE *const node, co
             return COMPILE_NG;
         }
         else {
-            char inline_func[0x20];
+            char inline_func[DECIMAL_SIZE_OF_BITS(sizeof(int) * CHAR_BIT) + 1];
             bool cconst = false;
           retry:;
             const struct rb_builtin_function *bf = iseq_builtin_function_lookup(iseq, builtin_func);
@@ -7325,8 +7325,11 @@ compile_call(rb_iseq_t *iseq, LINK_ANCHOR *const ret, const NODE *const node, co
                     return COMPILE_NG;
                 }
 
+                if (GET_VM()->builtin_inline_index == INT_MAX) {
+                    rb_bug("builtin inline function index overflow:%s", builtin_func);
+                }
                 int inline_index = GET_VM()->builtin_inline_index++;
-                snprintf(inline_func, 0x20, "_bi%d", inline_index);
+                snprintf(inline_func, sizeof(inline_func), "_bi%d", inline_index);
                 builtin_func = inline_func;
                 args_node = NULL;
                 goto retry;
-- 
cgit v1.2.3