msgpack 1.5.4 → 1.5.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ec6ef147d4d948d86915dd5ed06893bd281bcba60a1a48869e0f1b895e1a4d7e
-  data.tar.gz: 49f4753d9ce5fc686c529a97b8fb409283cde4521c8e28a3f61d92fedc717148
+  metadata.gz: e2f5a7cb55341aa8e930c92374b3aeb7bc74b1ccdfe0dede04e36169ce63354f
+  data.tar.gz: 42d92aff731b1a0ba35d775390c381bcff95fdb25ad8993248ca61753fb4b9e3
 SHA512:
-  metadata.gz: b094e3408d3d7411af91e81e3e59dfb23875696d2415b8759fa9d11476de795a98d7a2d1b9eee60a603157a3139614e5a349169c75d3737faabacbf4975bc31d
-  data.tar.gz: 27e8b222d6a20253b341e3dc5fe1f656e2698af47e95d2e1c40abb43c22a26c231cc680519e7464ba9b45745cd550f9a7ab649015311c69468f93944fd9dfc6a
+  metadata.gz: 3cae7bc28afab9c63303d2aab6eb66e892fdacb0a5ba21113d7d4f8deac7647a18e2f2e708c66764671e78221a04b388c0bda93a3c8b2d2732c4b66d805408c5
+  data.tar.gz: d7fb26c1078340d7eed9d3589500c0fd4fcbb3aa995af82fbe632167494bd2400c9247f3d8c8b5091a3b0ad0e77a9f2624a154adc1781dbf611d6dc50f682afe

data/ChangeLog

@@ -1,4 +1,8 @@
-2022-07-25
+2022-08-22 1.5.5:
+
+* Fix a segfault when GC triggers inside a recursive extension.
+
+2022-07-25 1.5.4:
 
 * Fix a segfault when deserializing empty symbol (`:""`).
 * Improve compilation flags to not strip debug symbols.

data/ext/msgpack/buffer.c

@@ -613,9 +613,11 @@ size_t _msgpack_buffer_feed_from_io(msgpack_buffer_t* b)
 
 size_t _msgpack_buffer_read_from_io_to_string(msgpack_buffer_t* b, VALUE string, size_t length)
 {
+#define MIN(x, y) (((x) < (y)) ? (x) : (y))
+
     if(RSTRING_LEN(string) == 0) {
         /* direct read */
-        VALUE ret = rb_funcall(b->io, b->io_partial_read_method, 2, SIZET2NUM(length), string);
+        VALUE ret = rb_funcall(b->io, b->io_partial_read_method, 2, SIZET2NUM(MIN(b->io_buffer_size, length)), string);
         if(ret == Qnil) {
             return 0;
         }
@@ -627,7 +629,7 @@ size_t _msgpack_buffer_read_from_io_to_string(msgpack_buffer_t* b, VALUE string,
         b->io_buffer = rb_str_buf_new(0);
     }
 
-    VALUE ret = rb_funcall(b->io, b->io_partial_read_method, 2, SIZET2NUM(length), b->io_buffer);
+    VALUE ret = rb_funcall(b->io, b->io_partial_read_method, 2, SIZET2NUM(MIN(b->io_buffer_size, length)), b->io_buffer);
     if(ret == Qnil) {
         return 0;
     }
@@ -635,6 +637,8 @@ size_t _msgpack_buffer_read_from_io_to_string(msgpack_buffer_t* b, VALUE string,
 
     rb_str_buf_cat(string, (const void*)RSTRING_PTR(b->io_buffer), rl);
     return rl;
+
+#undef MIN
 }
 
 size_t _msgpack_buffer_skip_from_io(msgpack_buffer_t* b, size_t length)

data/ext/msgpack/unpacker.c

@@ -60,13 +60,16 @@ void msgpack_unpacker_static_destroy()
 #define HEAD_BYTE_REQUIRED 0xc1
 
 static inline msgpack_unpacker_stack_t* _msgpack_unpacker_new_stack(void) {
+    msgpack_unpacker_stack_t *stack = ZALLOC(msgpack_unpacker_stack_t);
+    stack->capacity = MSGPACK_UNPACKER_STACK_CAPACITY;
 #ifdef UNPACKER_STACK_RMEM
-    return msgpack_rmem_alloc(&s_stack_rmem);
+    stack->data = msgpack_rmem_alloc(&s_stack_rmem);
     /*memset(uk->stack, 0, MSGPACK_UNPACKER_STACK_CAPACITY);*/
 #else
-    /*uk->stack = calloc(MSGPACK_UNPACKER_STACK_CAPACITY, sizeof(msgpack_unpacker_stack_t));*/
-    return xmalloc(MSGPACK_UNPACKER_STACK_CAPACITY * sizeof(msgpack_unpacker_stack_t));
+    /*uk->stack = calloc(MSGPACK_UNPACKER_STACK_CAPACITY, sizeof(msgpack_unpacker_stack_entry_t));*/
+    stack->data = xmalloc(MSGPACK_UNPACKER_STACK_CAPACITY * sizeof(msgpack_unpacker_stack_entry_t));
 #endif
+    return stack;
 }
 
 msgpack_unpacker_t* _msgpack_unpacker_new(void)
@@ -81,17 +84,17 @@ msgpack_unpacker_t* _msgpack_unpacker_new(void)
     uk->reading_raw = Qnil;
 
     uk->stack = _msgpack_unpacker_new_stack();
-    uk->stack_capacity = MSGPACK_UNPACKER_STACK_CAPACITY;
 
     return uk;
 }
 
 static inline void _msgpack_unpacker_free_stack(msgpack_unpacker_stack_t* stack) {
     #ifdef UNPACKER_STACK_RMEM
-        msgpack_rmem_free(&s_stack_rmem, stack);
+        msgpack_rmem_free(&s_stack_rmem, stack->data);
     #else
-        xfree(stack);
+        xfree(stack->data);
     #endif
+    xfree(stack);
 }
 
 void _msgpack_unpacker_destroy(msgpack_unpacker_t* uk)
@@ -100,18 +103,24 @@ void _msgpack_unpacker_destroy(msgpack_unpacker_t* uk)
     msgpack_buffer_destroy(UNPACKER_BUFFER_(uk));
 }
 
+void msgpack_unpacker_mark_stack(msgpack_unpacker_stack_t* stack)
+{
+    while (stack) {
+        msgpack_unpacker_stack_entry_t* s = stack->data;
+        msgpack_unpacker_stack_entry_t* send = stack->data + stack->depth;
+        for(; s < send; s++) {
+            rb_gc_mark(s->object);
+            rb_gc_mark(s->key);
+        }
+        stack = stack->parent;
+    }
+}
+
 void msgpack_unpacker_mark(msgpack_unpacker_t* uk)
 {
     rb_gc_mark(uk->last_object);
     rb_gc_mark(uk->reading_raw);
-
-    msgpack_unpacker_stack_t* s = uk->stack;
-    msgpack_unpacker_stack_t* send = uk->stack + uk->stack_depth;
-    for(; s < send; s++) {
-        rb_gc_mark(s->object);
-        rb_gc_mark(s->key);
-    }
-
+    msgpack_unpacker_mark_stack(uk->stack);
     /* See MessagePack_Buffer_wrap */
     /* msgpack_buffer_mark(UNPACKER_BUFFER_(uk)); */
     rb_gc_mark(uk->buffer_ref);
@@ -123,9 +132,8 @@ void _msgpack_unpacker_reset(msgpack_unpacker_t* uk)
 
     uk->head_byte = HEAD_BYTE_REQUIRED;
 
-    /*memset(uk->stack, 0, sizeof(msgpack_unpacker_t) * uk->stack_depth);*/
-    uk->stack_depth = 0;
-
+    /*memset(uk->stack, 0, sizeof(msgpack_unpacker_t) * uk->stack->depth);*/
+    uk->stack->depth = 0;
     uk->last_object = Qnil;
     uk->reading_raw = Qnil;
     uk->reading_raw_remaining = 0;
@@ -201,37 +209,37 @@ static inline int object_complete_ext(msgpack_unpacker_t* uk, int ext_type, VALU
 }
 
 /* stack funcs */
-static inline msgpack_unpacker_stack_t* _msgpack_unpacker_stack_top(msgpack_unpacker_t* uk)
+static inline msgpack_unpacker_stack_entry_t* _msgpack_unpacker_stack_entry_top(msgpack_unpacker_t* uk)
 {
-    return &uk->stack[uk->stack_depth-1];
+    return &uk->stack->data[uk->stack->depth-1];
 }
 
 static inline int _msgpack_unpacker_stack_push(msgpack_unpacker_t* uk, enum stack_type_t type, size_t count, VALUE object)
 {
     reset_head_byte(uk);
 
-    if(uk->stack_capacity - uk->stack_depth <= 0) {
+    if(uk->stack->capacity - uk->stack->depth <= 0) {
         return PRIMITIVE_STACK_TOO_DEEP;
     }
 
-    msgpack_unpacker_stack_t* next = &uk->stack[uk->stack_depth];
+    msgpack_unpacker_stack_entry_t* next = &uk->stack->data[uk->stack->depth];
     next->count = count;
     next->type = type;
     next->object = object;
     next->key = Qnil;
 
-    uk->stack_depth++;
+    uk->stack->depth++;
     return PRIMITIVE_CONTAINER_START;
 }
 
 static inline VALUE msgpack_unpacker_stack_pop(msgpack_unpacker_t* uk)
 {
-    return --uk->stack_depth;
+    return --uk->stack->depth;
 }
 
 static inline bool msgpack_unpacker_stack_is_empty(msgpack_unpacker_t* uk)
 {
-    return uk->stack_depth == 0;
+    return uk->stack->depth == 0;
 }
 
 #ifdef USE_CASE_RANGE
@@ -259,8 +267,8 @@ static inline bool msgpack_unpacker_stack_is_empty(msgpack_unpacker_t* uk)
 
 static inline bool is_reading_map_key(msgpack_unpacker_t* uk)
 {
-    if(uk->stack_depth > 0) {
-        msgpack_unpacker_stack_t* top = _msgpack_unpacker_stack_top(uk);
+    if(uk->stack->depth > 0) {
+        msgpack_unpacker_stack_entry_t* top = _msgpack_unpacker_stack_entry_top(uk);
         if(top->type == STACK_TYPE_MAP_KEY) {
             return true;
         }
@@ -314,20 +322,14 @@ static inline int read_raw_body_begin(msgpack_unpacker_t* uk, int raw_type)
             reset_head_byte(uk);
             uk->reading_raw_remaining = 0;
 
-            msgpack_unpacker_stack_t* stack = uk->stack;
-            size_t stack_depth = uk->stack_depth;
-            size_t stack_capacity = uk->stack_capacity;
-
-            uk->stack = _msgpack_unpacker_new_stack();
-            uk->stack_depth = 0;
-            uk->stack_capacity = MSGPACK_UNPACKER_STACK_CAPACITY;
+            msgpack_unpacker_stack_t* child_stack = _msgpack_unpacker_new_stack();
+            child_stack->parent = uk->stack;
+            uk->stack = child_stack;
 
             obj = rb_funcall(proc, s_call, 1, uk->buffer.owner);
 
-            _msgpack_unpacker_free_stack(uk->stack);
-            uk->stack = stack;
-            uk->stack_depth = stack_depth;
-            uk->stack_capacity = stack_capacity;
+            uk->stack = child_stack->parent;
+            _msgpack_unpacker_free_stack(child_stack);
 
             return object_complete(uk, obj);
         }
@@ -737,7 +739,7 @@ int msgpack_unpacker_read(msgpack_unpacker_t* uk, size_t target_stack_depth)
 
         container_completed:
         {
-            msgpack_unpacker_stack_t* top = _msgpack_unpacker_stack_top(uk);
+            msgpack_unpacker_stack_entry_t* top = _msgpack_unpacker_stack_entry_top(uk);
             switch(top->type) {
             case STACK_TYPE_ARRAY:
                 rb_ary_push(top->object, uk->last_object);
@@ -787,7 +789,7 @@ int msgpack_unpacker_skip(msgpack_unpacker_t* uk, size_t target_stack_depth)
 
         container_completed:
         {
-            msgpack_unpacker_stack_t* top = _msgpack_unpacker_stack_top(uk);
+            msgpack_unpacker_stack_entry_t* top = _msgpack_unpacker_stack_entry_top(uk);
 
             /* this section optimized out */
             // TODO object_complete still creates objects which should be optimized out

data/ext/msgpack/unpacker.h

@@ -27,6 +27,7 @@
 
 struct msgpack_unpacker_t;
 typedef struct msgpack_unpacker_t msgpack_unpacker_t;
+typedef struct msgpack_unpacker_stack_t msgpack_unpacker_stack_t;
 
 enum stack_type_t {
     STACK_TYPE_ARRAY,
@@ -39,19 +40,22 @@ typedef struct {
     enum stack_type_t type;
     VALUE object;
     VALUE key;
-} msgpack_unpacker_stack_t;
+} msgpack_unpacker_stack_entry_t;
+
+struct msgpack_unpacker_stack_t {
+    size_t depth;
+    size_t capacity;
+    msgpack_unpacker_stack_entry_t *data;
+    msgpack_unpacker_stack_t *parent;
+};
 
 #define MSGPACK_UNPACKER_STACK_SIZE (8+4+8+8)  /* assumes size_t <= 64bit, enum <= 32bit, VALUE <= 64bit */
 
 struct msgpack_unpacker_t {
     msgpack_buffer_t buffer;
-
+    msgpack_unpacker_stack_t *stack;
     unsigned int head_byte;
 
-    msgpack_unpacker_stack_t* stack;
-    size_t stack_depth;
-    size_t stack_capacity;
-
     VALUE last_object;
 
     VALUE reading_raw;

data/lib/msgpack/version.rb

@@ -1,5 +1,5 @@
 module MessagePack
-  VERSION = "1.5.4"
+  VERSION = "1.5.5"
   # Note for maintainers:
   #  Don't miss building/releasing the JRuby version (rake buld:java)
   #  See "How to build -java rubygems" in README for more details.

data/spec/factory_spec.rb

@@ -587,6 +587,30 @@ describe MessagePack::Factory do
         GC.stress = false
       end
     end
+
+    it 'does not crash in recursive extensions' do
+      my_hash_type = Class.new(Hash)
+      factory = MessagePack::Factory.new
+      factory.register_type(7,
+        my_hash_type,
+        packer: ->(value, packer) do
+          packer.write(value.to_h)
+        end,
+        unpacker: ->(unpacker) { my_hash_type.new(unpacker.read) },
+        recursive: true,
+      )
+
+      payload = factory.dump(
+        [my_hash_type.new]
+      )
+
+      begin
+        GC.stress = true
+        factory.load(payload)
+      ensure
+        GC.stress = false
+      end
+    end
   end
 
   describe 'DefaultFactory' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: msgpack
 version: !ruby/object:Gem::Version
-  version: 1.5.4
+  version: 1.5.5
 platform: ruby
 authors:
 - Sadayuki Furuhashi
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-25 00:00:00.000000000 Z
+date: 2022-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler