Fix stack overflow

rhaiscript · Jun 15, 2024 · 112e6e4 · 112e6e4
1 parent 423f21e
commit 112e6e4
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,7 @@ Bug fixes
 * Fixed stack overflow when calling closures recursively (thanks [`@MageWeiG`](https://github.com/MageWeiG) [880](https://github.com/rhaiscript/rhai/issues/880)).
 * `Engine::call_fn` and `Engine::call_fn_with_options` now correctly use the `AST`'s `source` field.
 * (Fuzzing) Fixed crash when using `..=` in strings.
+* A recursive stack-overflow bug in `Dynamic::is_hashable` is fixed.
 
 New features
 ------------

diff --git a/src/types/dynamic.rs b/src/types/dynamic.rs
@@ -741,7 +741,6 @@ impl fmt::Debug for Dynamic {
                     dict: &mut HashSet<*const Dynamic>,
                 ) -> fmt::Result {
                     match value.0 {
-                        #[cfg(not(feature = "no_closure"))]
                         Union::Shared(ref cell, ..) => match crate::func::locked_read(cell) {
                             Some(v) => {
                                 if dict.insert(value) {
@@ -1267,8 +1266,27 @@ impl Dynamic {
             }
 
             #[cfg(not(feature = "no_closure"))]
-            Union::Shared(ref cell, ..) => {
-                crate::func::locked_read(cell).map_or(false, |v| v.is_hashable())
+            Union::Shared(..) => {
+                #[cfg(feature = "no_std")]
+                use hashbrown::HashSet;
+                #[cfg(not(feature = "no_std"))]
+                use std::collections::HashSet;
+
+                // Avoid infinite recursion for shared values in a reference loop.
+                fn checked_is_hashable(
+                    value: &Dynamic,
+                    dict: &mut HashSet<*const Dynamic>,
+                ) -> bool {
+                    match value.0 {
+                        Union::Shared(ref cell, ..) => match crate::func::locked_read(cell) {
+                            Some(v) => dict.insert(value) && checked_is_hashable(&v, dict),
+                            _ => false,
+                        },
+                        _ => value.is_hashable(),
+                    }
+                }
+
+                checked_is_hashable(self, &mut <_>::default())
             }
         }
     }