From 0a6c6f5ab38c7a318d8d9bc5c0ed5a8a4a7b1aad Mon Sep 17 00:00:00 2001
From: victor sosa
Date: Thu, 1 Nov 2018 05:18:17 -0400
Subject: [PATCH 1/2] issue with stack clash protection
I found the issue and it is related to 'therubyracer' lib There is a bug with the use of vector out of bounds. to this line: return &vector[0]; on file: ext/v8/rr.h#L223 error: [vns@betito perseus]$ rails s /usr/include/c++/8/bits/stl_vector.h:932: std::vector<_Tp, _Alloc>::reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) [with _Tp = v8::Handle; _Alloc = std::allocator >; std::vector<_Tp, _Alloc>::reference = v8::Handle&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed. Aborted (core dumped) tested using: Fedora 28 ruby 2.5.1 rails 5.2.0 libstdc++ 8.1.1 this issue do not happend with libstdc++ < 8.1.1 version 8.1 enable C++ standard library hardening with -D_GLIBCXX_ASSERTIONS. This turns on cheap range checks for C++ arrays, vectors, and strings. check this link for more details: https://stackoverflow.com/questions/51661931/rails-s-command-issue/51662528#51662528
---
 ext/v8/rr.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/ext/v8/rr.h b/ext/v8/rr.h
index 6c76bc09..aa95ae9e 100644
--- a/ext/v8/rr.h
+++ b/ext/v8/rr.h
@@ -220,7 +220,11 @@ template class Ref {
 for (uint32_t i = 0; i < vector.size(); i++) {
 vector[i] = C(rb_ary_entry(argv, i));
 }
- return &vector[0];
+ if(vector.size() > 0){
+ return &vector[0];
+ } else {
+ return null;
+ }
 }
 private:
 VALUE argv;
From 1e3db8375b25a2f2b996551debbd03f96c605bb3 Mon Sep 17 00:00:00 2001
From: victor sosa
Date: Thu, 1 Nov 2018 07:00:04 -0400
Subject: [PATCH 2/2] Update rr.h
---
 ext/v8/rr.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/v8/rr.h b/ext/v8/rr.h
index aa95ae9e..27290ff0 100644
--- a/ext/v8/rr.h
+++ b/ext/v8/rr.h
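Review bot: The added if/else can be collapsed to `return vector.data();`, which is well-defined for an empty std::vector (it yields a pointer that may be null and must not be dereferenced) and so never goes through the operator[] range check that the commit message reports aborting under -D_GLIBCXX_ASSERTIONS; it also does away with the `null` spelling, which is not a C++ identifier and is corrected to NULL in the second patch's hunk. Either way the returned pointer only carries meaning together with the element count, so every caller of this accessor has to consult `vector.size()` before indexing through it, and whether they do cannot be seen from the hunk. The enclosing member function begins outside the hunk and the declaration of `vector` is not visible here, so the lifetime of the storage the pointer refers to should be confirmed against the rest of the class before relying on it. The same replacement applies to the hunk in the second patch, which only changes `null` to `NULL`.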
@@ -223,7 +223,7 @@ template class Ref {
 if(vector.size() > 0){
 return &vector[0];
 } else {
- return null;
+ return NULL;
 }
 }
 private: