From 2bd10da7c621621698f804aec1e60c6b5365d882 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Delogu?= Date: Thu, 19 Aug 2021 18:21:33 +0200 Subject: [PATCH] Secure array slicing when expanding macro for stack trace --- src/compiler/crystal/exception.cr | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/compiler/crystal/exception.cr b/src/compiler/crystal/exception.cr index d6e19227236d..a8853888660a 100644 --- a/src/compiler/crystal/exception.cr +++ b/src/compiler/crystal/exception.cr @@ -253,8 +253,9 @@ module Crystal source, _ = minimize_indentation(source.lines) io << Crystal.with_line_numbers(source, line_number, @color) else - from_index = [0, line_number - MACRO_LINES_TO_SHOW].max - source_slice = source.lines[from_index...line_number] + to_index = line_number.clamp(0..source.lines.size) + from_index = {0, to_index - MACRO_LINES_TO_SHOW}.max + source_slice = source.lines[from_index...to_index] source_slice, spaces_removed = minimize_indentation(source_slice) io << Crystal.with_line_numbers(source_slice, line_number, @color, line_number_start = from_index + 1)