Fix write beyond stack boundary in vm-engine.c

* libguile/vm-engine.c (RETURN_ONE_VALUE, RETURN_VALUE_LIST): These helpers, used in subr-call and the like, might not actually have enough space to push the return values. Use ALLOC_FRAME instead of RESET_FRAME, for that reason.
2025-06-12 06:41:13 +02:00 · 2015-06-05 00:10:08 +02:00 · 2015-06-05 00:10:08 +02:00 · bb051f2154
commit bb051f2154
parent f541ee1968
1 changed files with 2 additions and 1 deletions
--- a/libguile/vm-engine.c
+++ b/libguile/vm-engine.c
@ -259,6 +259,7 @@
    SCM val = ret;                                      \
    SCM *old_fp;                                        \
    VM_HANDLE_INTERRUPTS;                               \
+    ALLOC_FRAME (2);					\
    old_fp = fp;                                        \
    ip = SCM_FRAME_RETURN_ADDRESS (fp);                 \
    fp = vp->fp = SCM_FRAME_DYNAMIC_LINK (fp);          \
@ -278,10 +279,10 @@
  do {                                                  \
    SCM vals = vals_;                                   \
    VM_HANDLE_INTERRUPTS;                               \
+    ALLOC_FRAME (3);					\
    fp[0] = vm_builtin_apply;                           \
    fp[1] = vm_builtin_values;                          \
    fp[2] = vals;                                       \
-    RESET_FRAME (3);                                    \
    ip = (scm_t_uint32 *) vm_builtin_apply_code;        \
    goto op_tail_apply;                                 \
  } while (0)