PKG_NAME:=lua
PKG_VERSION:=5.3.5
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.lua.org/ftp/ \
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
---
-diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ PLAT= none
--- /dev/null
+From 89aee84cbc9224f638f3b7951b306d2ee8ecb71e Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Wed, 27 Mar 2019 14:30:12 -0300
+Subject: [PATCH] Fixed bug in 'lua_upvaluejoin'
+
+Bug-fix: joining an upvalue with itself could cause a use-after-free
+crash.
+---
+ src/lapi.c | 12 +++++------
+ 1 file changed, 41 insertions(+), 39 deletions(-)
+
+--- a/src/lapi.c
++++ b/src/lapi.c
+@@ -1254,13 +1254,12 @@ LUA_API const char *lua_setupvalue (lua_
+ }
+
+
+-static UpVal **getupvalref (lua_State *L, int fidx, int n, LClosure **pf) {
++static UpVal **getupvalref (lua_State *L, int fidx, int n) {
+ LClosure *f;
+ StkId fi = index2addr(L, fidx);
+ api_check(L, ttisLclosure(fi), "Lua function expected");
+ f = clLvalue(fi);
+ api_check(L, (1 <= n && n <= f->p->sizeupvalues), "invalid upvalue index");
+- if (pf) *pf = f;
+ return &f->upvals[n - 1]; /* get its upvalue pointer */
+ }
+
+@@ -1269,7 +1268,7 @@ LUA_API void *lua_upvalueid (lua_State *
+ StkId fi = index2addr(L, fidx);
+ switch (ttype(fi)) {
+ case LUA_TLCL: { /* lua closure */
+- return *getupvalref(L, fidx, n, NULL);
++ return *getupvalref(L, fidx, n);
+ }
+ case LUA_TCCL: { /* C closure */
+ CClosure *f = clCvalue(fi);
+@@ -1286,9 +1285,10 @@ LUA_API void *lua_upvalueid (lua_State *
+
+ LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1,
+ int fidx2, int n2) {
+- LClosure *f1;
+- UpVal **up1 = getupvalref(L, fidx1, n1, &f1);
+- UpVal **up2 = getupvalref(L, fidx2, n2, NULL);
++ UpVal **up1 = getupvalref(L, fidx1, n1);
++ UpVal **up2 = getupvalref(L, fidx2, n2);
++ if (*up1 == *up2)
++ return;
+ luaC_upvdeccount(L, *up1);
+ *up1 = *up2;
+ (*up1)->refcount++;
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
---
-diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ PLAT= none
---- a/Makefile 2019-07-02 09:24:57.554332875 -0600
-+++ b/Makefile 2019-07-02 09:25:42.626694604 -0600
+--- a/Makefile
++++ b/Makefile
@@ -41,7 +41,7 @@ PLATS= aix bsd c89 freebsd generic linux
# What to install.
TO_BIN= lua$V luac$V
cd doc && $(INSTALL_DATA) $(TO_MAN) $(INSTALL_MAN)
uninstall:
---- a/src/ldo.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/ldo.h 2019-07-02 09:25:42.626694604 -0600
+--- a/src/ldo.h
++++ b/src/ldo.h
@@ -47,8 +47,8 @@ LUAI_FUNC int luaD_pcall (lua_State *L,
LUAI_FUNC int luaD_poscall (lua_State *L, CallInfo *ci, StkId firstResult,
int nres);
LUAI_FUNC void luaD_inctop (lua_State *L);
LUAI_FUNC l_noret luaD_throw (lua_State *L, int errcode);
---- a/src/lfunc.h 2017-04-19 11:39:34.000000000 -0600
-+++ b/src/lfunc.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lfunc.h
++++ b/src/lfunc.h
@@ -47,14 +47,14 @@ struct UpVal {
#define upisopen(up) ((up)->v != &(up)->u.value)
int pc);
---- a/src/lgc.h 2017-04-19 11:39:34.000000000 -0600
-+++ b/src/lgc.h 2019-07-02 09:25:42.634694666 -0600
+--- a/src/lgc.h
++++ b/src/lgc.h
@@ -133,11 +133,11 @@
LUAI_FUNC void luaC_fix (lua_State *L, GCObject *o);
LUAI_FUNC void luaC_barrierback_ (lua_State *L, Table *o);
LUAI_FUNC void luaC_upvalbarrier_ (lua_State *L, UpVal *uv);
LUAI_FUNC void luaC_checkfinalizer (lua_State *L, GCObject *o, Table *mt);
---- a/src/llex.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/llex.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/llex.h
++++ b/src/llex.h
@@ -73,13 +73,13 @@ typedef struct LexState {
#endif
---- a/src/lmem.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/lmem.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lmem.h
++++ b/src/lmem.h
@@ -56,12 +56,12 @@
#define luaM_reallocvector(L, v,oldn,n,t) \
((v)=cast(t *, luaM_reallocv(L, v, oldn, n, sizeof(t))))
size_t size_elem, int limit,
const char *what);
---- a/src/lobject.h 2017-04-19 11:39:34.000000000 -0600
-+++ b/src/lobject.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lobject.h
++++ b/src/lobject.h
@@ -525,7 +525,7 @@ typedef struct Table {
#define luaO_nilobject (&luaO_nilobject_)
#endif
---- a/src/lopcodes.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/lopcodes.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lopcodes.h
++++ b/src/lopcodes.h
@@ -278,7 +278,7 @@ enum OpArgMask {
OpArgK /* argument is a constant or register/constant */
};
/* number of list items to accumulate before a SETLIST instruction */
---- a/src/lstate.h 2017-04-19 11:39:34.000000000 -0600
-+++ b/src/lstate.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lstate.h
++++ b/src/lstate.h
@@ -244,9 +244,9 @@ union GCUnion {
LUAI_FUNC void luaE_setdebt (global_State *g, l_mem debt);
#endif
---- a/src/lstring.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/lstring.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/lstring.h
++++ b/src/lstring.h
@@ -35,15 +35,15 @@
LUAI_FUNC unsigned int luaS_hash (const char *str, size_t l, unsigned int seed);
#endif
---- a/src/ltable.h 2018-05-24 13:39:05.000000000 -0600
-+++ b/src/ltable.h 2019-07-02 09:25:42.630694635 -0600
+--- a/src/ltable.h
++++ b/src/ltable.h
@@ -41,14 +41,14 @@
LUAI_FUNC void luaH_resize (lua_State *L, Table *t, unsigned int nasize,
unsigned int nhsize);
LUAI_FUNC void luaH_resizearray (lua_State *L, Table *t, unsigned int nasize);
---- a/src/ltm.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/ltm.h 2019-07-02 09:25:42.634694666 -0600
+--- a/src/ltm.h
++++ b/src/ltm.h
@@ -55,10 +55,10 @@ typedef enum {
LUAI_DDEC const char *const luaT_typenames_[LUA_TOTALTAGS];
const TValue *p2, TMS event);
---- a/src/lundump.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/lundump.h 2019-07-02 09:25:42.634694666 -0600
+--- a/src/lundump.h
++++ b/src/lundump.h
@@ -23,10 +23,10 @@
#define LUAC_FORMAT 0 /* this is the official format */
void* data, int strip);
#endif
---- a/src/lzio.h 2017-04-19 11:20:42.000000000 -0600
-+++ b/src/lzio.h 2019-07-02 09:25:42.634694666 -0600
+--- a/src/lzio.h
++++ b/src/lzio.h
@@ -61,6 +61,6 @@ struct Zio {
};
+LUA_API int luaZ_fill (ZIO *z);
#endif
---- a/src/Makefile 2019-07-02 09:24:57.554332875 -0600
-+++ b/src/Makefile 2019-07-02 09:25:42.630694635 -0600
+--- a/src/Makefile
++++ b/src/Makefile
@@ -29,6 +29,7 @@ MYOBJS=
PLATS= aix bsd c89 freebsd generic linux macosx mingw posix solaris
--- /dev/null
+From 89aee84cbc9224f638f3b7951b306d2ee8ecb71e Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Wed, 27 Mar 2019 14:30:12 -0300
+Subject: [PATCH] Fixed bug in 'lua_upvaluejoin'
+
+Bug-fix: joining an upvalue with itself could cause a use-after-free
+crash.
+---
+ src/lapi.c | 12 +++++------
+ 1 file changed, 41 insertions(+), 39 deletions(-)
+
+--- a/src/lapi.c
++++ b/src/lapi.c
+@@ -1254,13 +1254,12 @@ LUA_API const char *lua_setupvalue (lua_
+ }
+
+
+-static UpVal **getupvalref (lua_State *L, int fidx, int n, LClosure **pf) {
++static UpVal **getupvalref (lua_State *L, int fidx, int n) {
+ LClosure *f;
+ StkId fi = index2addr(L, fidx);
+ api_check(L, ttisLclosure(fi), "Lua function expected");
+ f = clLvalue(fi);
+ api_check(L, (1 <= n && n <= f->p->sizeupvalues), "invalid upvalue index");
+- if (pf) *pf = f;
+ return &f->upvals[n - 1]; /* get its upvalue pointer */
+ }
+
+@@ -1269,7 +1268,7 @@ LUA_API void *lua_upvalueid (lua_State *
+ StkId fi = index2addr(L, fidx);
+ switch (ttype(fi)) {
+ case LUA_TLCL: { /* lua closure */
+- return *getupvalref(L, fidx, n, NULL);
++ return *getupvalref(L, fidx, n);
+ }
+ case LUA_TCCL: { /* C closure */
+ CClosure *f = clCvalue(fi);
+@@ -1286,9 +1285,10 @@ LUA_API void *lua_upvalueid (lua_State *
+
+ LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1,
+ int fidx2, int n2) {
+- LClosure *f1;
+- UpVal **up1 = getupvalref(L, fidx1, n1, &f1);
+- UpVal **up2 = getupvalref(L, fidx2, n2, NULL);
++ UpVal **up1 = getupvalref(L, fidx1, n1);
++ UpVal **up2 = getupvalref(L, fidx2, n2);
++ if (*up1 == *up2)
++ return;
+ luaC_upvdeccount(L, *up1);
+ *up1 = *up2;
+ (*up1)->refcount++;
projects / openwrt / staging / jow.git / commitdiff