fix #378: Skip loops in if statements correctly

adazem009 · adazem009 · commit 18a382446458 · 2023-12-17T17:19:01.000+01:00
diff --git a/src/engine/virtualmachine_p.cpp b/src/engine/virtualmachine_p.cpp
@@ -239,13 +239,15 @@ unsigned int *VirtualMachinePrivate::run(unsigned int *pos, bool reset)
 do_if:
     if (!READ_LAST_REG()->toBool()) {
         unsigned int ifCounter = 1;
-        while ((*pos != OP_ELSE && *pos != OP_ENDIF) || (ifCounter > 0)) {
+        while (!((*pos == OP_ELSE && ifCounter == 1) || (*pos == OP_ENDIF && ifCounter == 0))) {
             pos += instruction_arg_count[*pos++];
 
-            if (*pos == OP_IF)
+            if ((*pos == OP_IF) || (*pos == OP_FOREVER_LOOP) || (*pos == OP_REPEAT_LOOP) || (*pos == OP_UNTIL_LOOP))
                 ifCounter++;
-            else if ((*pos == OP_ELSE) || (*pos == OP_ENDIF))
+            else if ((*pos == OP_ENDIF) || (*pos == OP_LOOP_END)) {
+                assert(ifCounter > 0);
                 ifCounter--;
+            }
         }
     }
     FREE_REGS(1);
@@ -275,10 +277,12 @@ unsigned int *VirtualMachinePrivate::run(unsigned int *pos, bool reset)
         while ((*loopEnd != OP_LOOP_END) || (loopCounter > 0)) {
             loopEnd += instruction_arg_count[*loopEnd++];
 
-            if ((*loopEnd == OP_FOREVER_LOOP) || (*loopEnd == OP_REPEAT_LOOP) || (*loopEnd == OP_UNTIL_LOOP))
+            if ((*loopEnd == OP_IF) || (*loopEnd == OP_FOREVER_LOOP) || (*loopEnd == OP_REPEAT_LOOP) || (*loopEnd == OP_UNTIL_LOOP))
                 loopCounter++;
-            else if (*loopEnd == OP_LOOP_END)
+            else if ((*loopEnd == OP_ENDIF) || (*loopEnd == OP_LOOP_END)) {
+                assert(loopCounter > 0);
                 loopCounter--;
+            }
         }
         pos = loopEnd;
     } else {
diff --git a/test/virtual_machine/virtual_machine_test.cpp b/test/virtual_machine/virtual_machine_test.cpp
@@ -1626,3 +1626,14 @@ TEST(VirtualMachineTest, NoCrashInNestedIfStatementsWithLoop)
     vm.run();
     ASSERT_EQ(vm.registerCount(), 0);
 }
+
+TEST(VirtualMachineTest, NoCrashInNestedIfStatementsWithLoopAndIfElse)
+{
+    // Regtest for #378
+    static unsigned int bytecode[] = { OP_START, OP_NULL, OP_IF, OP_NULL, OP_REPEAT_LOOP, OP_NULL, OP_IF, OP_ELSE, OP_ENDIF, OP_LOOP_END, OP_ENDIF, OP_HALT };
+
+    VirtualMachine vm(nullptr, nullptr, nullptr);
+    vm.setBytecode(bytecode);
+    vm.run();
+    ASSERT_EQ(vm.registerCount(), 0);
+}
