From f6454c808075c76e194737e10adedf358394a609 Mon Sep 17 00:00:00 2001
From: Jeremy Evans
Date: Mon, 17 Apr 2017 12:12:40 -0700
Subject: [PATCH] Fix heap overflow by allocating more memory per heap page

REQUIRED_SIZE_BY_MALLOC needs to be added when using malloc, otherwise ruby writes to unallocated memory.
---
 gc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gc.c b/gc.c
index ce80ccff7f..ddaddc9e86 100644
--- a/gc.c
+++ b/gc.c
@@ -1481,7 +1481,7 @@ heap_page_allocate(rb_objspace_t *objspace)
 int limit = HEAP_PAGE_OBJ_LIMIT;

 /* assign heap_page body (contains heap_page_header and RVALUEs) */
- page_body = (struct heap_page_body *)aligned_malloc(HEAP_PAGE_ALIGN, HEAP_PAGE_SIZE);
+ page_body = (struct heap_page_body *)aligned_malloc(HEAP_PAGE_ALIGN, HEAP_PAGE_SIZE+REQUIRED_SIZE_BY_MALLOC);
 if (page_body == 0) {
 rb_memerror();
 }
--
2.11.0
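Review bot: The enlarged size passed to `aligned_malloc` has no in-code explanation, and the write that ran past `HEAP_PAGE_SIZE` is not in this hunk, so a reader cannot confirm from here that `REQUIRED_SIZE_BY_MALLOC` extra bytes is the exact bound rather than a margin that happens to cover the overrun. I would add a comment above the call such as `/* allocate HEAP_PAGE_SIZE + REQUIRED_SIZE_BY_MALLOC: the page body is written up to that bound below */`, worded to match what the overrunning code actually assumes. It is also worth checking whether the padding belongs inside `aligned_malloc` rather than at this one call site, since the commit message ties the problem to "when using malloc" and any other caller would presumably need the same size (confirm against the allocator's fallback path). The body of heap_page_allocate continues outside the hunk, so the slot-range computation that uses `limit` should be checked against the new allocation size, ideally with an assertion that the last slot ends inside the allocated region.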