fix CVE-2021-43519

(cherry picked from commit a18003eab791f5428f449d1d1c6f90680cf7a6bb)

backport-CVE-2021-43519.patch

@@ -0,0 +1,65 @@
+From 74d99057a5146755e737c479850f87fd0e3b6868 Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Wed, 3 Nov 2021 15:04:18 -0300
+Subject: [PATCH] Bug: C stack overflow with coroutines
+
+'coroutine.resume' did not increment counter of C calls when
+continuing execution after a protected error (that is,
+while running 'precover').
+---
+ src/ldo.c             |  6 ++++--
+ testes/cstack.lua | 14 ++++++++++++++
+ 2 files changed, 18 insertions(+), 2 deletions(-)
+
+diff --git a/src/ldo.c b/src/ldo.c
+index d0edc8b4f..66f890364 100644
+--- a/src/ldo.c
++++ b/src/ldo.c
+@@ -759,11 +759,10 @@ static void resume (lua_State *L, void *ud) {
+   StkId firstArg = L->top - n;  /* first argument */
+   CallInfo *ci = L->ci;
+   if (L->status == LUA_OK)  /* starting a coroutine? */
+-    ccall(L, firstArg - 1, LUA_MULTRET, 1);  /* just call its body */
++    ccall(L, firstArg - 1, LUA_MULTRET, 0);  /* just call its body */
+   else {  /* resuming from previous yield */
+     lua_assert(L->status == LUA_YIELD);
+     L->status = LUA_OK;  /* mark that it is running (again) */
+-    luaE_incCstack(L);  /* control the C stack */
+     if (isLua(ci)) {  /* yielded inside a hook? */
+       L->top = firstArg;  /* discard arguments */
+       luaV_execute(L, ci);  /* just continue running Lua code */
+@@ -814,6 +813,9 @@ LUA_API int lua_resume (lua_State *L, lua_State *from, int nargs,
+   else if (L->status != LUA_YIELD)  /* ended with errors? */
+     return resume_error(L, "cannot resume dead coroutine", nargs);
+   L->nCcalls = (from) ? getCcalls(from) : 0;
++  if (getCcalls(L) >= LUAI_MAXCCALLS)
++    return resume_error(L, "C stack overflow", nargs);
++  L->nCcalls++;
+   luai_userstateresume(L, nargs);
+   api_checknelems(L, (L->status == LUA_OK) ? nargs + 1 : nargs);
+   status = luaD_rawrunprotected(L, resume, &nargs);
+diff --git a/testes/cstack.lua b/testes/cstack.lua
+index 213d15d47..ca76c8729 100644
+--- a/testes/cstack.lua
++++ b/testes/cstack.lua
+@@ -103,6 +103,20 @@ do
+ end
+ 
+ 
++do    -- bug in 5.4.2
++  print("nesting coroutines running after recoverable errors")
++  local count = 0
++  local function foo()
++    count = count + 1
++    pcall(1)   -- create an error
++    -- running now inside 'precover' ("protected recover")
++    coroutine.wrap(foo)()   -- call another coroutine
++  end
++  checkerror("C stack overflow", foo)
++  print("final count: ", count)
++end
++
++
+ if T then
+   print("testing stack recovery")
+   local N = 0      -- trace number of calls

lua.spec

@@ -6,7 +6,7 @@
 
 Name:           lua
 Version:        5.4.3
-Release:        3
+Release:        4
 Summary:        A powerful, efficient, lightweight, embeddable scripting language
 License:        MIT
 URL:            http://www.lua.org/
@@ -23,6 +23,7 @@ Patch0:         lua-5.4.0-beta-autotoolize.patch
 Patch1:         lua-5.3.0-idsize.patch
 Patch2:         lua-5.2.2-configure-linux.patch
 Patch3:         lua-5.3.0-configure-compat-module.patch
+Patch6000:      backport-CVE-2021-43519.patch
 
 BuildRequires:  automake autoconf libtool readline-devel ncurses-devel
 
@@ -128,6 +129,9 @@ LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir} $RPM_BUILD_ROOT/%{_bindir}/lua -e"_U=
 %{_mandir}/man1/lua*.1*
 
 %changelog
+* Fri Apr 01 2022 shixuantong <shixuantong@h-partners.com> - 5.4.3-4
+- fix CVE-2021-43519
+
 * Thu Jan 13 2022 shixuantong <shixuantong@huawei.com> - 5.4.3-3
 - delete liblua-5.3.so file