General

Profile

rwstauner (Randy Stauner)

  • Login: rwstauner
  • Registered on: 05/14/2024
  • Last sign in: 06/10/2026

Issues

open closed Total
Assigned issues 0 1 1
Reported issues 0 2 2

Projects

Project Roles Registered on
Ruby Contributor 03/03/2025

Activity

06/17/2026

08:37 PM Ruby Revision e29bcf6c (git): gc: Fix inconsistent args in rb_gc_unregister_address that can cause heap-use-after-free
The destination should be an address just like the source.
Added a regression test based on the nokogiri code that highlighted the bug under ASan. rwstauner (Randy Stauner)

06/11/2026

04:28 AM Ruby Revision dc0a5f07 (git): Avoid reading TypedData type after dfree
[Bug #22101] rwstauner (Randy Stauner)
02:50 AM Ruby Bug #22101: ASAN heap-use-after-free in rb_data_free after TypedData dfree frees dynamic rb_data_type_t
Backport for 3.3 https://github.com/ruby/ruby/pull/17271 rwstauner (Randy Stauner)
01:01 AM Ruby Bug #22101 (Closed): ASAN heap-use-after-free in rb_data_free after TypedData dfree frees dynamic rb_data_type_t
Applied in changeset commit:git|86c23c9e51c79dff04ebf493a3e94e3d63b9118e.
----------
Avoid reading TypedData type after dfree
[Bug #22101] (Backport) rwstauner (Randy Stauner)
01:01 AM Ruby Revision 86c23c9e (git): Avoid reading TypedData type after dfree
[Bug #22101] (Backport) rwstauner (Randy Stauner)

06/10/2026

11:08 PM Ruby Bug #22101: ASAN heap-use-after-free in rb_data_free after TypedData dfree frees dynamic rb_data_type_t
backport for 3.4: https://github.com/ruby/ruby/pull/17268 rwstauner (Randy Stauner)
10:47 PM Ruby Bug #22101: ASAN heap-use-after-free in rb_data_free after TypedData dfree frees dynamic rb_data_type_t
backport for 4.0: https://github.com/ruby/ruby/pull/17267 rwstauner (Randy Stauner)
10:12 PM Ruby Bug #22101 (Closed): ASAN heap-use-after-free in rb_data_free after TypedData dfree frees dynamic rb_data_type_t
`rb_data_free` currently calls `dfree` and then evaluates `RTYPEDDATA_EMBEDDABLE_P(obj)`.
Since `RTYPEDDATA_EMBEDDABLE_P(obj)` reads `RTYPEDDATA_TYPE(obj)->flags`, this can become a use-after-free if an extension's `dfree` releases a ... rwstauner (Randy Stauner)

06/02/2026

08:42 PM Ruby Revision 3b4761cc (git): ZJIT: Add HIR Comment insn (#15166)
Useful for adding comments to HIR/LIR/disasm that are not specific to an instruction.
Possibly most useful for temporarily printing more information
while debugging by keeping the statements interleaved with the HIR.
With a local chang... rwstauner (Randy Stauner)

03/31/2026

09:48 PM Ruby Revision c9ae44e1 (git): set: fix Set#to_set block behavior and add regression test
rwstauner (Randy Stauner)

Also available in: Atom