-
Notifications
You must be signed in to change notification settings - Fork 711
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
lua: Security Advisory - lua - CVE-2020-15888
Backport fix from https://github.com/lua/lua.git. Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Loading branch information
Showing
2 changed files
with
46 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| From 6298903e35217ab69c279056f925fb72900ce0b7 Mon Sep 17 00:00:00 2001 | ||
| From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> | ||
| Date: Mon, 6 Jul 2020 12:11:54 -0300 | ||
| Subject: [PATCH] Keep minimum size when shrinking a stack | ||
|
|
||
| When shrinking a stack (during GC), do not make it smaller than the | ||
| initial stack size. | ||
| --- | ||
| ldo.c | 5 ++--- | ||
| 1 file changed, 2 insertions(+), 3 deletions(-) | ||
| ==== end of original header ==== | ||
|
|
||
| CVE: CVE-2020-15888 | ||
|
|
||
| Upstream-Status: backport [https://github.com/lua/lua.git] | ||
|
|
||
| Signed-off-by: Joe Slater <joe.slater@windriver.com> | ||
|
|
||
| ==== | ||
| diff --git a/ldo.c b/ldo.c | ||
| index c563b1d9..a89ac010 100644 | ||
| --- a/src/ldo.c | ||
| +++ b/src/ldo.c | ||
| @@ -220,7 +220,7 @@ static int stackinuse (lua_State *L) { | ||
|
|
||
| void luaD_shrinkstack (lua_State *L) { | ||
| int inuse = stackinuse(L); | ||
| - int goodsize = inuse + (inuse / 8) + 2*EXTRA_STACK; | ||
| + int goodsize = inuse + BASIC_STACK_SIZE; | ||
| if (goodsize > LUAI_MAXSTACK) | ||
| goodsize = LUAI_MAXSTACK; /* respect stack limit */ | ||
| if (L->stacksize > LUAI_MAXSTACK) /* had been handling stack overflow? */ | ||
| @@ -229,8 +229,7 @@ void luaD_shrinkstack (lua_State *L) { | ||
| luaE_shrinkCI(L); /* shrink list */ | ||
| /* if thread is currently not handling a stack overflow and its | ||
| good size is smaller than current size, shrink its stack */ | ||
| - if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && | ||
| - goodsize < L->stacksize) | ||
| + if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && goodsize < L->stacksize) | ||
| luaD_reallocstack(L, goodsize); | ||
| else /* don't change stack */ | ||
| condmovestack(L,{},{}); /* (change only for debugging) */ | ||
| -- | ||
| 2.17.1 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters