From 9ac14af3fcdb204a20da027bba0ae2103f8dddd8 Mon Sep 17 00:00:00 2001 From: Matthew Flatt Date: Thu, 10 Jul 2014 06:57:42 +0100 Subject: [PATCH] fix guard on references to unsafe functions in bytecode The protection against unsafe-function references was designed for bytecode that referred to unsafe operations indirectly, and that was broken when the compiler changed to refer to unsafe functions directly in bytecode (to simplify JIT inlining bytecode optimization). Actually, the relevant code (now removed) seems to be pointless, since protected-binding checking should cover it already. Maybe something else changed, or maybe the code was not properly checked in the first place. Now, `read` rejects a bytecode stream if it contains a direct reference to an unsafe function and the code inspector is not the original code inspector. It's still possible to synthesize bytecode that contains an indirect reference, and then protected-binding checking does its job. original commit: 7ccac3c0543e59c503e73ddd1e7dba62e022a279 --- pkgs/compiler-pkgs/compiler-lib/compiler/zo-parse.rkt | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/pkgs/compiler-pkgs/compiler-lib/compiler/zo-parse.rkt b/pkgs/compiler-pkgs/compiler-lib/compiler/zo-parse.rkt index ffc49b3291..751ccea841 100644 --- a/pkgs/compiler-pkgs/compiler-lib/compiler/zo-parse.rkt +++ b/pkgs/compiler-pkgs/compiler-lib/compiler/zo-parse.rkt @@ -67,13 +67,10 @@ (make-compilation-top ld prefix code)])) (define (read-resolve-prefix v) - (let-values ([(v unsafe?) (if (integer? (car v)) - (values v #f) - (values (cdr v) #t))]) - (match v - [`(,i ,tv . ,sv) - ; XXX Why not leave them as vectors and change the contract? - (make-prefix i (vector->list tv) (vector->list sv))]))) + (match v + [`(,i ,tv . ,sv) + ;; XXX Why not leave them as vectors and change the contract? + (make-prefix i (vector->list tv) (vector->list sv))])) (define read-free-id-info (match-lambda
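Review bot: The rewritten `match` in `read-resolve-prefix` has a single clause whose quasi-pattern `(,i ,tv . ,sv)` accepts any list of two or more elements, so it no longer separates the two prefix layouts the removed `let-values` told apart with `(integer? (car v))`. A prefix still in the older marked layout would bind the marker to `i` and the count to `tv`, then fail inside `vector->list` with an unrelated contract error instead of being rejected at the parse boundary. Because this parser may be pointed at stale or untrusted `.zo` files, I would make the expected shape explicit with the quasi-pattern `(,(? exact-integer? i) ,(? vector? tv) . ,(? vector? sv))` and add a fallback clause such as `[_ (error 'zo-parse "unexpected prefix shape: ~e" v)]`. Whether old-layout bytecode can still reach this function depends on version checking elsewhere in the file, which this hunk does not show.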