From: "headius (Charles Nutter) via ruby-core" <ruby-core@...>
Date: 2025-11-11T20:49:32+00:00
Subject: [ruby-core:123772] [Ruby Bug#21672] `IO::Buffer.new` does not check that flags are valid

Issue #21672 has been updated by headius (Charles Nutter).


@trinistr First off, Thanks for your work on specs recently. I did a quick implementation of IO::Buffer for j Ruby last year but only relied on the core tests. Having a complete set of specs will be very helpful. 

Along with these flags, I want to point out that there's likely platform specific behaviors in this class that will need special treatment in tests and specs. Some of the features can't be supported outside of CRuby's runtime, some of them will be specific to unix's or even specific types of unix, etc. 

The JRuby implementation ships with all recent builds of JRuby 10, so it would be worth comparing the specs with our version of behavior as well (and of course I'll have to pass those specs at some point anyway).

Feel free to contact me directly at headius@headius.com or on the JRuby Matrix chat room if you have questions or want to work together on this.

----------------------------------------
Bug #21672: `IO::Buffer.new` does not check that flags are valid
https://bugs.ruby-lang.org/issues/21672#change-115164

* Author: trinistr (Alexander Bulancov)
* Status: Assigned
* Assignee: ioquatix (Samuel Williams)
* ruby -v: ruby 3.4.7 (2025-10-08 revision 7a5688e2a2) +PRISM [x86_64-linux]
* Backport: 3.2: UNKNOWN, 3.3: UNKNOWN, 3.4: UNKNOWN
----------------------------------------
`IO::Buffer.new` has a `flags` argument that allows to override automatic decision between INTERNAL and MAPPED. As far as I understand, these modes are supposed to be exclusive, however in practice there is no check, and the user is free to specify both:
```
IO::Buffer.new(10, IO::Buffer::MAPPED|IO::Buffer::INTERNAL)
# => 
# #<IO::Buffer 0x0000555bfdccf760+10 INTERNAL MAPPED>
# 0x00000000  00 00 00 00 00 00 00 00 00 00                   ..........
```

>From the source code in https://github.com/ruby/ruby/blob/master/io_buffer.c#L204, the real mode seems to be INTERNAL. I imagine that the order of branches can be reversed with changes, suddenly changing behavior.

Even worse, if at least one of `INTERNAL` or `MAPPED` is specified, flags are not checked at all, allowing complete nonsense:
```
IO::Buffer.new(10, 0xffffff)
# #<IO::Buffer 0x000055672a653190+10 EXTERNAL INTERNAL MAPPED SHARED LOCKED PRIVATE READONLY>
```

`IO::Buffer.map` also exhibits this issue, though I'm unsure if this combination of flags is actually invalid (it at least doesn't get LOCKED):
```
IO::Buffer.map(File.open('README.md', 'r+'), nil, 0, 0xffffff) 
# #<IO::Buffer 0x00007fd8edb90000+9024 MAPPED FILE PRIVATE READONLY>
```




-- 
https://bugs.ruby-lang.org/
______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/