From 198080c106e2d6238791b3ccc0d049a511743d62 Mon Sep 17 00:00:00 2001
From: Kevin Newton <kddnewton@gmail.com>
Date: Sat, 29 Nov 2025 14:20:06 -0500
Subject: [PATCH] Fix out-of-bounds read after utf-8 BOM

Co-authored-by: Steven Johnstone <steven.james.johnstone@gmail.com>
---
 src/prism.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/prism.c b/src/prism.c
index 186cdd354c..4d883a2dd3 100644
--- a/src/prism.c
+++ b/src/prism.c
@@ -22861,8 +22861,8 @@ pm_parser_init(pm_parser_t *parser, const uint8_t *source, size_t size, const pm
     // If the shebang does not include "ruby" and this is the main script being
     // parsed, then we will start searching the file for a shebang that does
     // contain "ruby" as if -x were passed on the command line.
-    const uint8_t *newline = next_newline(parser->start, parser->end - parser->start);
-    size_t length = (size_t) ((newline != NULL ? newline : parser->end) - parser->start);
+    const uint8_t *newline = next_newline(parser->current.end, parser->end - parser->current.end);
+    size_t length = (size_t) ((newline != NULL ? newline : parser->end) - parser->current.end);
 
     if (length > 2 && parser->current.end[0] == '#' && parser->current.end[1] == '!') {
         const char *engine;