gnu: lua-5.1: Fix CVE-2014-5461.
* gnu/packages/lua.scm (lua-5.1)[source]: Add patch. * gnu/packages/patches/lua-CVE-2014-5461: New file. * gnu/local.mk (dist_patch_DATA): Add it.
This commit is contained in:
parent
576b1aeed6
commit
32fddd8e29
@ -612,6 +612,7 @@ dist_patch_DATA = \
|
||||
%D%/packages/patches/lirc-localstatedir.patch \
|
||||
%D%/packages/patches/libpthread-glibc-preparation.patch \
|
||||
%D%/packages/patches/lm-sensors-hwmon-attrs.patch \
|
||||
%D%/packages/patches/lua-CVE-2014-5461.patch \
|
||||
%D%/packages/patches/lua-pkgconfig.patch \
|
||||
%D%/packages/patches/lua51-liblua-so.patch \
|
||||
%D%/packages/patches/lua52-liblua-so.patch \
|
||||
|
@ -3,6 +3,7 @@
|
||||
;;; Copyright © 2014 Raimon Grau <raimonster@gmail.com>
|
||||
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -78,7 +79,8 @@ for configuration, scripting, and rapid prototyping.")
|
||||
version ".tar.gz"))
|
||||
(sha256
|
||||
(base32 "0cskd4w0g6rdm2q8q3i4n1h3j8kylhs3rq8mxwl9vwlmlxbgqh16"))
|
||||
(patches (search-patches "lua51-liblua-so.patch"))))))
|
||||
(patches (search-patches "lua51-liblua-so.patch"
|
||||
"lua-CVE-2014-5461.patch"))))))
|
||||
|
||||
(define-public luajit
|
||||
(package
|
||||
|
20
gnu/packages/patches/lua-CVE-2014-5461.patch
Normal file
20
gnu/packages/patches/lua-CVE-2014-5461.patch
Normal file
@ -0,0 +1,20 @@
|
||||
From: Enrico Tassi <gareuselesinge@debian.org>
|
||||
Date: Tue, 26 Aug 2014 16:20:55 +0200
|
||||
Subject: Fix stack overflow in vararg functions
|
||||
|
||||
---
|
||||
src/ldo.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/ldo.c b/src/ldo.c
|
||||
index d1bf786..30333bf 100644
|
||||
--- a/src/ldo.c
|
||||
+++ b/src/ldo.c
|
||||
@@ -274,7 +274,7 @@ int luaD_precall (lua_State *L, StkId func, int nresults) {
|
||||
CallInfo *ci;
|
||||
StkId st, base;
|
||||
Proto *p = cl->p;
|
||||
- luaD_checkstack(L, p->maxstacksize);
|
||||
+ luaD_checkstack(L, p->maxstacksize + p->numparams);
|
||||
func = restorestack(L, funcr);
|
||||
base = func + 1;
|
Loading…
Reference in New Issue
Block a user