From: Yui NARUSE
Date: 2012-03-16T00:21:11+09:00
Subject: [ruby-dev:45367] [ruby-trunk - Bug #6144][Assigned] regexec may allocate extra memory?

Issue #6144 has been updated by Yui NARUSE.

Status changed from Open to Assigned

Hmm, if we were to change anything, I suppose it would be something like the following.

diff --git a/regexec.c b/regexec.c index 2587cd9..9e31c71 100644 --- a/regexec.c +++ b/regexec.c @@ -446,16 +446,16 @@ onig_region_copy(OnigRegion* to, OnigRegion* from) #define STACK_INIT(alloc_addr, ptr_num, stack_num) do {\ if (msa->stack_p) {\ - alloc_addr = (char* )xalloca(sizeof(char*) * (ptr_num));\ + alloc_addr = (char* )xalloca(sizeof(OnigStackIndex*) * (ptr_num));\ stk_alloc = (OnigStackType* )(msa->stack_p);\ stk_base = stk_alloc;\ stk = stk_base;\ stk_end = stk_base + msa->stack_n;\ }\ else {\ - alloc_addr = (char* )xalloca(sizeof(char*) * (ptr_num)\ + alloc_addr = (char* )xalloca(sizeof(OnigStackIndex*) * (ptr_num)\ + sizeof(OnigStackType) * (stack_num));\ - stk_alloc = (OnigStackType* )(alloc_addr + sizeof(char*) * (ptr_num));\ + stk_alloc = (OnigStackType* )(alloc_addr + sizeof(OnigStackIndex*) * (ptr_num));\ stk_base = stk_alloc;\ stk = stk_base;\ stk_end = stk_base + (stack_num);\

----------------------------------------
Bug #6144: regexec may allocate extra memory?
https://bugs.ruby-lang.org/issues/6144#change-24608

Author: Yusuke Endoh
Status: Assigned
Priority: Normal
Assignee: Yui NARUSE
Category:
Target version:
ruby -v: ruby 2.0.0dev (2012-03-14 trunk 35017) [i686-linux]

naruse-san, k-takata-san,

This is Endoh.

This is probably an Oniguruma issue, but regexec.c contains the line

    alloc_addr = (char* )xalloca(sizeof(char*) * (ptr_num));\

(inside #define STACK_INIT).

I haven't looked at the surrounding code, but wasn't the intent to write

    alloc_addr = (char* )xalloca(sizeof(char) * (ptr_num));\

or

    alloc_addr = (char** )xalloca(sizeof(char*) * (ptr_num));\

instead?

My hunch is that it is probably the former, but could you check and fix it? Apologies if the current code is correct.

Once again, it was Coverity Scan that found this.

--
Yusuke Endoh

--
http://bugs.ruby-lang.org/
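
Review bot: In STACK_INIT the byte count sizeof(OnigStackIndex*) * (ptr_num) is now written out three times (both xalloca calls and the stk_alloc offset in the else branch), and in the else branch the allocation size and the offset have to stay identical or stk_alloc will start inside or beyond the pointer area. Consider computing that size once, for example in a small helper macro, and using it in all three places. Also note that wherever sizeof(char*) equals sizeof(OnigStackIndex*) this leaves the allocation size unchanged, so the patch answers the report's question (char versus char* elements) only by documenting intent; since the result is still cast to (char* ), a short comment stating that alloc_addr holds ptr_num entries of type OnigStackIndex* would make that explicit and help quiet the static-analysis finding for the right reason.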