Assert Ruby object in rb_gc_location

peterzhu2118 · peterzhu2118 · commit 9733304d6112 · 2024-12-17T11:03:38.000-05:00
rb_gc_location doesn't check that the object is actually a Ruby object
and only checks if the object looks like a T_MOVED. This may have unexpected
outcomes if the object is not a Ruby object (e.g. a piece of malloc memory
may be corrupted).
diff --git a/gc.c b/gc.c
@@ -2427,6 +2427,8 @@ gc_location_internal(void *objspace, VALUE value)
         return value;
     }
 
+    GC_ASSERT(rb_gc_impl_pointer_to_heap_p(objspace, (void *)value));
+
     return rb_gc_impl_location(objspace, value);
 }
 

Original file line number	Diff line number	Diff line change
`@@ -2427,6 +2427,8 @@ gc_location_internal(void *objspace, VALUE value)`
`2427`	`2427`	`return value;`
`2428`	`2428`	`}`
`2429`	`2429`
	`2430`	`+ GC_ASSERT(rb_gc_impl_pointer_to_heap_p(objspace, (void *)value));`
	`2431`	`+`
`2430`	`2432`	`return rb_gc_impl_location(objspace, value);`
`2431`	`2433`	`}`
`2432`	`2434`