From c7c8f56e111f1948242327e71b5c4ce8becd2922 Mon Sep 17 00:00:00 2001
From: Matthew Flatt <mflatt@racket-lang.org>
Date: Thu, 8 Jul 2010 16:51:47 -0600
Subject: [PATCH] fix validation of module .zo exp-time content, and fix
 zo-marshal

---
 collects/compiler/zo-marshal.rkt | 13 ++++++++++++-
 src/racket/src/module.c          | 16 ++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/collects/compiler/zo-marshal.rkt b/collects/compiler/zo-marshal.rkt
index fba002eecb..0ff5989dfb 100644
--- a/collects/compiler/zo-marshal.rkt
+++ b/collects/compiler/zo-marshal.rkt
@@ -479,7 +479,18 @@
                         [l (cons (lookup-req 1) l)] ; et-requires
                         [l (cons (lookup-req 0) l)] ; requires
                         [l (cons (list->vector body) l)]
-                        [l (cons (list->vector syntax-body) l)]
+                        [l (cons (list->vector
+                                  (for/list ([i (in-list syntax-body)])
+                                    (define (maybe-one l) ;; a single symbol is ok
+                                      (if (and (pair? l) (null? (cdr l)))
+                                          (car l)
+                                          l))
+                                    (match i
+                                      [(struct def-syntaxes (ids rhs prefix max-let-depth))
+                                       (vector (maybe-one ids) rhs max-let-depth prefix #f)]
+                                      [(struct def-for-syntax (ids rhs prefix max-let-depth))
+                                       (vector (maybe-one ids) rhs max-let-depth prefix #t)])))
+                                 l)]
                         [l (append (apply
                                     append
                                     (map (lambda (l)
diff --git a/src/racket/src/module.c b/src/racket/src/module.c
index 577eacda46..b4d09ca746 100644
--- a/src/racket/src/module.c
+++ b/src/racket/src/module.c
@@ -10416,6 +10416,22 @@ static Scheme_Object *read_module(Scheme_Object *obj)
   e = SCHEME_CAR(obj);
   if (!SCHEME_VECTORP(e)) return_NULL();
   m->et_body = e;
+  for (i = SCHEME_VEC_SIZE(e); i--; ) {
+    e = SCHEME_VEC_ELS(m->et_body)[i];
+    if (!SCHEME_VECTORP(e)) return_NULL();
+    /* SCHEME_VEC_ELS(e)[1] should be code */
+    if (!SCHEME_INTP(SCHEME_VEC_ELS(e)[2])) return_NULL();
+    if (!SAME_TYPE(SCHEME_TYPE(SCHEME_VEC_ELS(e)[3]), scheme_resolve_prefix_type))
+      return_NULL();
+    e = SCHEME_VEC_ELS(e)[0];
+    if (!SCHEME_SYMBOLP(e)) {
+      while (SCHEME_PAIRP(e)) {
+        if (!SCHEME_SYMBOLP(SCHEME_CAR(e))) return_NULL();
+        e = SCHEME_CDR(e);
+      }
+      if (!SCHEME_NULLP(e)) return_NULL();
+    }
+  }
   obj = SCHEME_CDR(obj);
 
   if (!SCHEME_PAIRP(obj)) return_NULL();