[svn:parrot] r41774 - branches/pcc_reapply/src/call

[bacek at svn.parrot.org]

Author: bacek
Date: Fri Oct  9 22:38:11 2009
New Revision: 41774
URL: https://trac.parrot.org/parrot/changeset/41774

Log:
More checks for results_list to prevent Null dereferencing and overflow.

Modified:
   branches/pcc_reapply/src/call/args.c

Modified: branches/pcc_reapply/src/call/args.c
==============================================================================
--- branches/pcc_reapply/src/call/args.c	Fri Oct  9 22:22:10 2009	(r41773)
+++ branches/pcc_reapply/src/call/args.c	Fri Oct  9 22:38:11 2009	(r41774)
@@ -1388,7 +1388,7 @@
 
     result_list = VTABLE_get_attr_str(interp, call_object, CONST_STRING(interp, "returns"));
     result_sig   = VTABLE_get_attr_str(interp, call_object, CONST_STRING(interp, "return_flags"));
-    result_count = VTABLE_elements(interp, result_list);
+    result_count = PMC_IS_NULL(result_list) ? 0 : VTABLE_elements(interp, result_list);
 
     /* the call obj doesn't have the returns as positionals, so instead we loop
      * over raw_sig and count the number of non-named
@@ -1428,6 +1428,16 @@
             }
             return;
         }
+        else if (result_index >= result_count) {
+            if (err_check) {
+                /* We've used up all the results, but have extra positional
+                 * returns left over. */
+                Parrot_ex_throw_from_c_args(interp, NULL, EXCEPTION_INVALID_OPERATION,
+                        "too many positional returns: %d passed, %d expected",
+                        return_index, result_count);
+            }
+            return;
+        }
 
         result_flags = VTABLE_get_integer_keyed_int(interp, result_sig, result_index);
         return_flags = VTABLE_get_integer_keyed_int(interp, raw_sig, return_index);