packages/lua
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:bf0e21a786c448eb846215a839b08f31802da61c
Branches Tags
packages:main
...
compare: packages:16ccabe5ede1561b715f2f4e742e8c89e87166d0
Branches Tags
packages:main

10 Commits
bf0e21a786 ... 16ccabe5ed

Author SHA1 Message Date
openeuler-ci-bot
16ccabe5ed
!74 [sync] PR-70: add sw_64 support 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2025-03-18 05:39:06 +00:00
Hailiang
f6cd7077e0 add sw_64 support 
(cherry picked from commit baa40b5afdce5f46e7807318c29cc7ab48e9b69d)
 2025-03-17 16:38:27 +08:00
openeuler-ci-bot
46e458b51f
!65 fix Segmentation fault 
From: @wangjiang37 
Reviewed-by: @zhuofeng6, @gaoruoshu 
Signed-off-by: @gaoruoshu
 2024-08-16 01:50:59 +00:00
wangjiang
5b8c8d7755 fix Segmentation fault 2024-08-13 17:09:57 +08:00
openeuler-ci-bot
37f5c71827
!47 upgrade to version 5.4.6 
From: @markeryang 
Reviewed-by: @ziyangc 
Signed-off-by: @hubin95
 2023-06-14 07:16:26 +00:00
markeryang
c9e0424a4d upgrade to version 5.4.6 2023-06-14 11:59:22 +08:00
openeuler-ci-bot
1da05daf7f
!41 upgrade lua to version 5.4.4 
From: @hubin95 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1
 2023-01-19 09:16:45 +00:00
hubin
ef4fddc773 upgrade lua to version 5.4.4 
Signed-off-by: hubin <hubin73@huawei.com>
 2023-01-19 16:47:20 +08:00
openeuler-ci-bot
621f043634
!39 [sync] PR-37: add support for LoongArch 
From: @openeuler-sync-bot 
Reviewed-by: @lvying6 
Signed-off-by: @lvying6
 2023-01-04 02:44:46 +00:00
lyn1001
66ad2dee5a add support for LoongArch 
(cherry picked from commit 9255caa48a2ac34c40be7e7e3a8a282ffa762501)
 2022-12-26 14:59:50 +08:00
15 changed files with 276 additions and 562 deletions
Show Stats Expand all files Collapse all files

236
backport-Bug-Recursion-in-getobjname-can-stack-overflow.patch Normal file
View File

@ -0,0 +1,236 @@
From 7923dbbf72da303ca1cca17efd24725668992f15 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Wed, 1 Nov 2023 12:00:54 -0300
Subject: [PATCH 3/3] Bug: Recursion in 'getobjname' can stack overflow
'getobjname' now broken in two, a basic version that handles locals,
upvalues, and constants, and a full version, which uses the basic
version to handle table accesses (globals and fields).
Reference:https://github.com/lua/lua/commit/7923dbbf72da303ca1cca17efd24725668992f15
Conflict:lua-5.4.6-tests/errors.lua, src/ldebug.c
---
lua-5.4.6-tests/errors.lua | 3 +
src/ldebug.c | 154 ++++++++++++++++++++-----------------
2 files changed, 87 insertions(+), 70 deletions(-)
diff --git a/lua-5.4.6-tests/errors.lua b/lua-5.4.6-tests/errors.lua
index a3d0676..5cef9e1 100644
--- a/lua-5.4.6-tests/errors.lua
+++ b/lua-5.4.6-tests/errors.lua
@@ -123,6 +123,9 @@ assert(not string.find(doit"a={13}; local bbbb=1; a[bbbb](3)", "'bbbb'"))
_G.aaa, _G.bbbb = nil
+-- bug in 5.4.6
+checkmessage("a = {_ENV = {}}; print(a._ENV.x + 1)", "field 'x'")
+
-- calls
checkmessage("local a; a(13)", "local 'a'")
checkmessage([[
diff --git a/src/ldebug.c b/src/ldebug.c
index 5524fae..c605a8a 100644
--- a/src/ldebug.c
+++ b/src/ldebug.c
@@ -417,41 +417,6 @@ LUA_API int lua_getinfo (lua_State *L, const char *what, lua_Debug *ar) {
** =======================================================
*/
-static const char *getobjname (const Proto *p, int lastpc, int reg,
- const char **name);
-
-
-/*
-** Find a "name" for the constant 'c'.
-*/
-static void kname (const Proto *p, int c, const char **name) {
- TValue *kvalue = &p->k[c];
- *name = (ttisstring(kvalue)) ? svalue(kvalue) : "?";
-}
-
-
-/*
-** Find a "name" for the register 'c'.
-*/
-static void rname (const Proto *p, int pc, int c, const char **name) {
- const char *what = getobjname(p, pc, c, name); /* search for 'c' */
- if (!(what && *what == 'c')) /* did not find a constant name? */
- *name = "?";
-}
-
-
-/*
-** Find a "name" for a 'C' value in an RK instruction.
-*/
-static void rkname (const Proto *p, int pc, Instruction i, const char **name) {
- int c = GETARG_C(i); /* key index */
- if (GETARG_k(i)) /* is 'c' a constant? */
- kname(p, c, name);
- else /* 'c' is a register */
- rname(p, pc, c, name);
-}
-
-
static int filterpc (int pc, int jmptarget) {
if (pc < jmptarget) /* is code conditional (inside a jump)? */
return -1; /* cannot know who sets that register */
@@ -509,28 +474,29 @@ static int findsetreg (const Proto *p, int lastpc, int reg) {
/*
-** Check whether table being indexed by instruction 'i' is the
-** environment '_ENV'
+** Find a "name" for the constant 'c'.
*/
-static const char *gxf (const Proto *p, int pc, Instruction i, int isup) {
- int t = GETARG_B(i); /* table index */
- const char *name; /* name of indexed variable */
- if (isup) /* is an upvalue? */
- name = upvalname(p, t);
- else
- getobjname(p, pc, t, &name);
- return (name && strcmp(name, LUA_ENV) == 0) ? "global" : "field";
+static const char *kname (const Proto *p, int index, const char **name) {
+ TValue *kvalue = &p->k[index];
+ if (ttisstring(kvalue)) {
+ *name = getstr(tsvalue(kvalue));
+ return "constant";
+ }
+ else {
+ *name = "?";
+ return NULL;
+ }
}
-static const char *getobjname (const Proto *p, int lastpc, int reg,
- const char **name) {
- int pc;
- *name = luaF_getlocalname(p, reg + 1, lastpc);
+static const char *basicgetobjname (const Proto *p, int *ppc, int reg,
+ const char **name) {
+ int pc = *ppc;
+ *name = luaF_getlocalname(p, reg + 1, pc);
if (*name) /* is a local? */
return "local";
/* else try symbolic execution */
- pc = findsetreg(p, lastpc, reg);
+ *ppc = pc = findsetreg(p, pc, reg);
if (pc != -1) { /* could find instruction? */
Instruction i = p->code[pc];
OpCode op = GET_OPCODE(i);
@@ -538,18 +504,80 @@ static const char *getobjname (const Proto *p, int lastpc, int reg,
case OP_MOVE: {
int b = GETARG_B(i); /* move from 'b' to 'a' */
if (b < GETARG_A(i))
- return getobjname(p, pc, b, name); /* get name for 'b' */
+ return basicgetobjname(p, ppc, b, name); /* get name for 'b' */
break;
}
+ case OP_GETUPVAL: {
+ *name = upvalname(p, GETARG_B(i));
+ return "upvalue";
+ }
+ case OP_LOADK: return kname(p, GETARG_Bx(i), name);
+ case OP_LOADKX: return kname(p, GETARG_Ax(p->code[pc + 1]), name);
+ default: break;
+ }
+ }
+ return NULL; /* could not find reasonable name */
+}
+
+
+/*
+** Find a "name" for the register 'c'.
+*/
+static void rname (const Proto *p, int pc, int c, const char **name) {
+ const char *what = basicgetobjname(p, &pc, c, name); /* search for 'c' */
+ if (!(what && *what == 'c')) /* did not find a constant name? */
+ *name = "?";
+}
+
+
+/*
+** Find a "name" for a 'C' value in an RK instruction.
+*/
+static void rkname (const Proto *p, int pc, Instruction i, const char **name) {
+ int c = GETARG_C(i); /* key index */
+ if (GETARG_k(i)) /* is 'c' a constant? */
+ kname(p, c, name);
+ else /* 'c' is a register */
+ rname(p, pc, c, name);
+}
+
+
+/*
+** Check whether table being indexed by instruction 'i' is the
+** environment '_ENV'
+*/
+static const char *isEnv (const Proto *p, int pc, Instruction i, int isup) {
+ int t = GETARG_B(i); /* table index */
+ const char *name; /* name of indexed variable */
+ if (isup) /* is 't' an upvalue? */
+ name = upvalname(p, t);
+ else /* 't' is a register */
+ basicgetobjname(p, &pc, t, &name);
+ return (name && strcmp(name, LUA_ENV) == 0) ? "global" : "field";
+}
+
+
+/*
+** Extend 'basicgetobjname' to handle table accesses
+*/
+static const char *getobjname (const Proto *p, int lastpc, int reg,
+ const char **name) {
+ const char *kind = basicgetobjname(p, &lastpc, reg, name);
+ if (kind != NULL)
+ return kind;
+ else if (lastpc != -1) { /* could find instruction? */
+ Instruction i = p->code[lastpc];
+ OpCode op = GET_OPCODE(i);
+ switch (op) {
case OP_GETTABUP: {
int k = GETARG_C(i); /* key index */
kname(p, k, name);
- return gxf(p, pc, i, 1);
+ return isEnv(p, lastpc, i, 1);
}
case OP_GETTABLE: {
int k = GETARG_C(i); /* key index */
- rname(p, pc, k, name);
- return gxf(p, pc, i, 0);
+ rname(p, lastpc, k, name);
+ return isEnv(p, lastpc, i, 0);
}
case OP_GETI: {
*name = "integer index";
@@ -558,24 +586,10 @@ static const char *getobjname (const Proto *p, int lastpc, int reg,
case OP_GETFIELD: {
int k = GETARG_C(i); /* key index */
kname(p, k, name);
- return gxf(p, pc, i, 0);
- }
- case OP_GETUPVAL: {
- *name = upvalname(p, GETARG_B(i));
- return "upvalue";
- }
- case OP_LOADK:
- case OP_LOADKX: {
- int b = (op == OP_LOADK) ? GETARG_Bx(i)
- : GETARG_Ax(p->code[pc + 1]);
- if (ttisstring(&p->k[b])) {
- *name = svalue(&p->k[b]);
- return "constant";
- }
- break;
+ return isEnv(p, lastpc, i, 0);
}
case OP_SELF: {
- rkname(p, pc, i, name);
+ rkname(p, lastpc, i, name);
return "method";
}
default: break; /* go through to return NULL */
--
2.33.0

68
backport-CVE-2021-43519.patch
View File

@ -1,68 +0,0 @@
From 74d99057a5146755e737c479850f87fd0e3b6868 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Wed, 3 Nov 2021 15:04:18 -0300
Subject: [PATCH] Bug: C stack overflow with coroutines
'coroutine.resume' did not increment counter of C calls when
continuing execution after a protected error (that is,
while running 'precover').
---
lua-5.4.3-tests/cstack.lua | 14 ++++++++++++++
src/ldo.c | 6 ++++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/lua-5.4.3-tests/cstack.lua b/lua-5.4.3-tests/cstack.lua
index 213d15d..ca76c87 100644
--- a/lua-5.4.3-tests/cstack.lua
+++ b/lua-5.4.3-tests/cstack.lua
@@ -103,6 +103,20 @@ do
end
+do -- bug in 5.4.2
+ print("nesting coroutines running after recoverable errors")
+ local count = 0
+ local function foo()
+ count = count + 1
+ pcall(1) -- create an error
+ -- running now inside 'precover' ("protected recover")
+ coroutine.wrap(foo)() -- call another coroutine
+ end
+ checkerror("C stack overflow", foo)
+ print("final count: ", count)
+end
+
+
if T then
print("testing stack recovery")
local N = 0 -- trace number of calls
diff --git a/src/ldo.c b/src/ldo.c
index 7135079..ca558fd 100644
--- a/src/ldo.c
+++ b/src/ldo.c
@@ -728,11 +728,10 @@ static void resume (lua_State *L, void *ud) {
StkId firstArg = L->top - n; /* first argument */
CallInfo *ci = L->ci;
if (L->status == LUA_OK) /* starting a coroutine? */
- ccall(L, firstArg - 1, LUA_MULTRET, 1); /* just call its body */
+ ccall(L, firstArg - 1, LUA_MULTRET, 0); /* just call its body */
else { /* resuming from previous yield */
lua_assert(L->status == LUA_YIELD);
L->status = LUA_OK; /* mark that it is running (again) */
- luaE_incCstack(L); /* control the C stack */
if (isLua(ci)) { /* yielded inside a hook? */
L->top = firstArg; /* discard arguments */
luaV_execute(L, ci); /* just continue running Lua code */
@@ -783,6 +782,9 @@ LUA_API int lua_resume (lua_State *L, lua_State *from, int nargs,
else if (L->status != LUA_YIELD) /* ended with errors? */
return resume_error(L, "cannot resume dead coroutine", nargs);
L->nCcalls = (from) ? getCcalls(from) : 0;
+ if (getCcalls(L) >= LUAI_MAXCCALLS)
+ return resume_error(L, "C stack overflow", nargs);
+ L->nCcalls++;
luai_userstateresume(L, nargs);
api_checknelems(L, (L->status == LUA_OK) ? nargs + 1 : nargs);
status = luaD_rawrunprotected(L, resume, &nargs);
--
1.8.3.1

24
backport-CVE-2021-44647.patch
View File

@ -1,24 +0,0 @@
From 1de95e97ef65632a88e08b6184bd9d1ceba7ec2f Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Fri, 10 Dec 2021 10:53:54 -0300
Subject: [PATCH] Bug: Lua stack still active when closing a state
---
src/lstate.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lstate.c b/src/lstate.c
index c5e3b43..38da773 100644
--- a/src/lstate.c
+++ b/src/lstate.c
@@ -271,6 +271,7 @@ static void close_state (lua_State *L) {
if (!completestate(g)) /* closing a partially built state? */
luaC_freeallobjects(L); /* jucst collect its objects */
else { /* closing a fully built state */
+ L->ci = &L->base_ci; /* unwind CallInfo list */
luaD_closeprotected(L, 1, LUA_OK); /* close all upvalues */
luaC_freeallobjects(L); /* collect all objects */
luai_userstateclose(L);
--
1.8.3.1

297
backport-CVE-2021-44964.patch
View File

@ -1,297 +0,0 @@
From 0bfc572e51d9035a615ef6e9523f736c9ffa8e57 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Mon, 13 Dec 2021 10:41:17 -0300
Subject: [PATCH] Bug: GC is not reentrant
As the GC is not reentrant, finalizers should not be able to invoke it.
---
lua-5.4.3-tests/api.lua | 5 ++---
lua-5.4.3-tests/gc.lua | 6 ++++--
src/lapi.c | 17 +++++++++--------
src/lbaselib.c | 19 +++++++++++++++++--
src/lgc.c | 11 +++++++----
src/lgc.h | 9 +++++++++
src/lstate.c | 4 ++--
src/lstate.h | 2 +-
8 files changed, 51 insertions(+), 22 deletions(-)
diff --git a/lua-5.4.3-tests/api.lua b/lua-5.4.3-tests/api.lua
index c1bcb4b..bd85a92 100644
--- a/lua-5.4.3-tests/api.lua
+++ b/lua-5.4.3-tests/api.lua
@@ -804,15 +804,14 @@ F = function (x)
d = nil
assert(debug.getmetatable(x).__gc == F)
assert(load("table.insert({}, {})"))() -- create more garbage
- collectgarbage() -- force a GC during GC
- assert(debug.getmetatable(x).__gc == F) -- previous GC did not mess this?
+ assert(not collectgarbage()) -- GC during GC (no op)
local dummy = {} -- create more garbage during GC
if A ~= nil then
assert(type(A) == "userdata")
assert(T.udataval(A) == B)
debug.getmetatable(A) -- just access it
end
- A = x -- ressucita userdata
+ A = x -- ressurect userdata
B = udval
return 1,2,3
end
diff --git a/lua-5.4.3-tests/gc.lua b/lua-5.4.3-tests/gc.lua
index 2332c93..d865cb2 100644
--- a/lua-5.4.3-tests/gc.lua
+++ b/lua-5.4.3-tests/gc.lua
@@ -676,11 +676,13 @@ end
-- just to make sure
assert(collectgarbage'isrunning')
-do -- check that the collector is reentrant in incremental mode
+do -- check that the collector is not reentrant in incremental mode
+ local res = true
setmetatable({}, {__gc = function ()
- collectgarbage()
+ res = collectgarbage()
end})
collectgarbage()
+ assert(not res)
end
diff --git a/src/lapi.c b/src/lapi.c
index f8f70cd..7b96979 100644
--- a/src/lapi.c
+++ b/src/lapi.c
@@ -1126,18 +1126,19 @@ LUA_API int lua_status (lua_State *L) {
LUA_API int lua_gc (lua_State *L, int what, ...) {
va_list argp;
int res = 0;
- global_State *g;
+ global_State *g = G(L);
+ if (g->gcstp & GCSTPGC) /* internal stop? */
+ return -1; /* all options are invalid when stopped */
lua_lock(L);
- g = G(L);
va_start(argp, what);
switch (what) {
case LUA_GCSTOP: {
- g->gcrunning = 0;
+ g->gcstp = GCSTPUSR; /* stopeed by the user */
break;
}
case LUA_GCRESTART: {
luaE_setdebt(g, 0);
- g->gcrunning = 1;
+ g->gcstp = 0; /* (GCSTPGC must be already zero here) */
break;
}
case LUA_GCCOLLECT: {
@@ -1156,8 +1157,8 @@ LUA_API int lua_gc (lua_State *L, int what, ...) {
case LUA_GCSTEP: {
int data = va_arg(argp, int);
l_mem debt = 1; /* =1 to signal that it did an actual step */
- lu_byte oldrunning = g->gcrunning;
- g->gcrunning = 1; /* allow GC to run */
+ lu_byte oldstp = g->gcstp;
+ g->gcstp = 0; /* allow GC to run (GCSTPGC must be zero here) */
if (data == 0) {
luaE_setdebt(g, 0); /* do a basic step */
luaC_step(L);
@@ -1167,7 +1168,7 @@ LUA_API int lua_gc (lua_State *L, int what, ...) {
luaE_setdebt(g, debt);
luaC_checkGC(L);
}
- g->gcrunning = oldrunning; /* restore previous state */
+ g->gcstp = oldstp; /* restore previous state */
if (debt > 0 && g->gcstate == GCSpause) /* end of cycle? */
res = 1; /* signal it */
break;
@@ -1185,7 +1186,7 @@ LUA_API int lua_gc (lua_State *L, int what, ...) {
break;
}
case LUA_GCISRUNNING: {
- res = g->gcrunning;
+ res = gcrunning(g);
break;
}
case LUA_GCGEN: {
diff --git a/src/lbaselib.c b/src/lbaselib.c
index 83ad306..82abd94 100644
--- a/src/lbaselib.c
+++ b/src/lbaselib.c
@@ -182,12 +182,20 @@ static int luaB_rawset (lua_State *L) {
static int pushmode (lua_State *L, int oldmode) {
- lua_pushstring(L, (oldmode == LUA_GCINC) ? "incremental"
- : "generational");
+ if (oldmode == -1)
+ luaL_pushfail(L); /* invalid call to 'lua_gc' */
+ else
+ lua_pushstring(L, (oldmode == LUA_GCINC) ? "incremental"
+ : "generational");
return 1;
}
+/*
+** check whether call to 'lua_gc' was valid (not inside a finalizer)
+*/
+#define checkvalres(res) { if (res == -1) break; }
+
static int luaB_collectgarbage (lua_State *L) {
static const char *const opts[] = {"stop", "restart", "collect",
"count", "step", "setpause", "setstepmul",
@@ -200,12 +208,14 @@ static int luaB_collectgarbage (lua_State *L) {
case LUA_GCCOUNT: {
int k = lua_gc(L, o);
int b = lua_gc(L, LUA_GCCOUNTB);
+ checkvalres(k);
lua_pushnumber(L, (lua_Number)k + ((lua_Number)b/1024));
return 1;
}
case LUA_GCSTEP: {
int step = (int)luaL_optinteger(L, 2, 0);
int res = lua_gc(L, o, step);
+ checkvalres(res);
lua_pushboolean(L, res);
return 1;
}
@@ -213,11 +223,13 @@ static int luaB_collectgarbage (lua_State *L) {
case LUA_GCSETSTEPMUL: {
int p = (int)luaL_optinteger(L, 2, 0);
int previous = lua_gc(L, o, p);
+ checkvalres(previous);
lua_pushinteger(L, previous);
return 1;
}
case LUA_GCISRUNNING: {
int res = lua_gc(L, o);
+ checkvalres(res);
lua_pushboolean(L, res);
return 1;
}
@@ -234,10 +246,13 @@ static int luaB_collectgarbage (lua_State *L) {
}
default: {
int res = lua_gc(L, o);
+ checkvalres(res);
lua_pushinteger(L, res);
return 1;
}
}
+ luaL_pushfail(L); /* invalid call (inside a finalizer) */
+ return 1;
}
diff --git a/src/lgc.c b/src/lgc.c
index b360eed..7d0b5e4 100644
--- a/src/lgc.c
+++ b/src/lgc.c
@@ -906,16 +906,16 @@ static void GCTM (lua_State *L) {
if (!notm(tm)) { /* is there a finalizer? */
int status;
lu_byte oldah = L->allowhook;
- int running = g->gcrunning;
+ int oldgcstp = g->gcstp;
+ g->gcstp = GCSTPGC; /* avoid GC steps */
L->allowhook = 0; /* stop debug hooks during GC metamethod */
- g->gcrunning = 0; /* avoid GC steps */
setobj2s(L, L->top++, tm); /* push finalizer... */
setobj2s(L, L->top++, &v); /* ... and its argument */
L->ci->callstatus |= CIST_FIN; /* will run a finalizer */
status = luaD_pcall(L, dothecall, NULL, savestack(L, L->top - 2), 0);
L->ci->callstatus &= ~CIST_FIN; /* not running a finalizer anymore */
L->allowhook = oldah; /* restore hooks */
- g->gcrunning = running; /* restore state */
+ g->gcstp = oldgcstp; /* restore state */
if (l_unlikely(status != LUA_OK)) { /* error while running __gc? */
luaE_warnerror(L, "__gc metamethod");
L->top--; /* pops error object */
@@ -1502,9 +1502,11 @@ static void deletelist (lua_State *L, GCObject *p, GCObject *limit) {
*/
void luaC_freeallobjects (lua_State *L) {
global_State *g = G(L);
+ g->gcstp = GCSTPGC;
luaC_changemode(L, KGC_INC);
separatetobefnz(g, 1); /* separate all objects with finalizers */
lua_assert(g->finobj == NULL);
+ g->gcstp = 0;
callallpendingfinalizers(L);
deletelist(L, g->allgc, obj2gco(g->mainthread));
deletelist(L, g->finobj, NULL);
@@ -1647,6 +1649,7 @@ void luaC_runtilstate (lua_State *L, int statesmask) {
}
+
/*
** Performs a basic incremental step. The debt and step size are
** converted from bytes to "units of work"; then the function loops
@@ -1678,7 +1681,7 @@ static void incstep (lua_State *L, global_State *g) {
void luaC_step (lua_State *L) {
global_State *g = G(L);
lua_assert(!g->gcemergency);
- if (g->gcrunning) { /* running? */
+ if (gcrunning(g)) { /* running? */
if(isdecGCmodegen(g))
genstep(L, g);
else
diff --git a/src/lgc.h b/src/lgc.h
index 073e2a4..024a432 100644
--- a/src/lgc.h
+++ b/src/lgc.h
@@ -148,6 +148,15 @@
*/
#define isdecGCmodegen(g) (g->gckind == KGC_GEN || g->lastatomic != 0)
+
+/*
+** Control when GC is running:
+*/
+#define GCSTPUSR 1 /* bit true when GC stopped by user */
+#define GCSTPGC 2 /* bit true when GC stopped by itself */
+#define gcrunning(g) ((g)->gcstp == 0)
+
+
/*
** Does one step of collection when debt becomes positive. 'pre'/'pos'
** allows some adjustments to be done only when needed. macro
diff --git a/src/lstate.c b/src/lstate.c
index 38da773..59b4f21 100644
--- a/src/lstate.c
+++ b/src/lstate.c
@@ -236,7 +236,7 @@ static void f_luaopen (lua_State *L, void *ud) {
luaS_init(L);
luaT_init(L);
luaX_init(L);
- g->gcrunning = 1; /* allow gc */
+ g->gcstp = 0; /* allow gc */
setnilvalue(&g->nilvalue); /* now state is complete */
luai_userstateopen(L);
}
@@ -373,7 +373,7 @@ LUA_API lua_State *lua_newstate (lua_Alloc f, void *ud) {
g->ud_warn = NULL;
g->mainthread = L;
g->seed = luai_makeseed(L);
- g->gcrunning = 0; /* no GC while building state */
+ g->gcstp = GCSTPGC; /* no GC while building state */
g->strt.size = g->strt.nuse = 0;
g->strt.hash = NULL;
setnilvalue(&g->l_registry);
diff --git a/src/lstate.h b/src/lstate.h
index c1283bb..0d2099f 100644
--- a/src/lstate.h
+++ b/src/lstate.h
@@ -263,7 +263,7 @@ typedef struct global_State {
lu_byte gcstopem; /* stops emergency collections */
lu_byte genminormul; /* control for minor generational collections */
lu_byte genmajormul; /* control for major generational collections */
- lu_byte gcrunning; /* true if GC is running */
+ lu_byte gcstp; /* control whether GC is running */
lu_byte gcemergency; /* true if this is an emergency collection */
lu_byte gcpause; /* size of pause between successive GCs */
lu_byte gcstepmul; /* GC "speed" */
--
2.33.0

46
backport-CVE-2022-28805.patch
View File

@ -1,46 +0,0 @@
From 1f3c6f4534c6411313361697d98d1145a1f030fa Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Tue, 15 Feb 2022 12:28:46 -0300
Subject: [PATCH] Bug: Lua can generate wrong code when _ENV is <const>
---
lua-5.4.3-tests/attrib.lua | 10 ++++++++++
src/lparser.c | 1 +
2 files changed, 11 insertions(+)
diff --git a/lua-5.4.3-tests/attrib.lua b/lua-5.4.3-tests/attrib.lua
index b1076c7..83821c0 100644
--- a/lua-5.4.3-tests/attrib.lua
+++ b/lua-5.4.3-tests/attrib.lua
@@ -434,6 +434,16 @@ a.aVeryLongName012345678901234567890123456789012345678901234567890123456789 ==
10)
+do
+ -- _ENV constant
+ local function foo ()
+ local _ENV <const> = 11
+ X = "hi"
+ end
+ local st, msg = pcall(foo)
+ assert(not st and string.find(msg, "number"))
+end
+
-- test of large float/integer indices
diff --git a/src/lparser.c b/src/lparser.c
index 284ef1f..0626833 100644
--- a/src/lparser.c
+++ b/src/lparser.c
@@ -457,6 +457,7 @@ static void singlevar (LexState *ls, expdesc *var) {
expdesc key;
singlevaraux(fs, ls->envn, var, 1); /* get environment variable */
lua_assert(var->k != VVOID); /* this one must exist */
+ luaK_exp2anyregup(fs, var); /* but could be a constant */
codestring(&key, varname); /* key is variable name */
luaK_indexed(fs, var, &key); /* env[varname] */
}
--
1.8.3.1

62
backport-CVE-2022-33099.patch
View File

@ -1,62 +0,0 @@
From 42d40581dd919fb134c07027ca1ce0844c670daf Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Fri, 20 May 2022 13:14:33 -0300
Subject: [PATCH] Save stack space while handling errors
Because error handling (luaG_errormsg) uses slots from EXTRA_STACK,
and some errors can recur (e.g., string overflow while creating an
error message in 'luaG_runerror', or a C-stack overflow before calling
the message handler), the code should use stack slots with parsimony.
This commit fixes the bug "Lua-stack overflow when C stack overflows
while handling an error".
---
src/ldebug.c | 5 ++++-
src/lvm.c | 6 ++++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/ldebug.c b/src/ldebug.c
index 1feaab2..5524fae 100644
--- a/src/ldebug.c
+++ b/src/ldebug.c
@@ -783,8 +783,11 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) {
va_start(argp, fmt);
msg = luaO_pushvfstring(L, fmt, argp); /* format message */
va_end(argp);
- if (isLua(ci)) /* if Lua function, add source:line information */
+ if (isLua(ci)) { /* if Lua function, add source:line information */
luaG_addinfo(L, msg, ci_func(ci)->p->source, getcurrentline(ci));
+ setobjs2s(L, L->top - 2, L->top - 1); /* remove 'msg' from the stack */
+ L->top--;
+ }
luaG_errormsg(L);
}
diff --git a/src/lvm.c b/src/lvm.c
index c9729bc..a965087 100644
--- a/src/lvm.c
+++ b/src/lvm.c
@@ -656,8 +656,10 @@ void luaV_concat (lua_State *L, int total) {
/* collect total length and number of strings */
for (n = 1; n < total && tostring(L, s2v(top - n - 1)); n++) {
size_t l = vslen(s2v(top - n - 1));
- if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl))
+ if (l_unlikely(l >= (MAX_SIZE/sizeof(char)) - tl)) {
+ L->top = top - total; /* pop strings to avoid wasting stack */
luaG_runerror(L, "string length overflow");
+ }
tl += l;
}
if (tl <= LUAI_MAXSHORTLEN) { /* is result a short string? */
@@ -672,7 +674,7 @@ void luaV_concat (lua_State *L, int total) {
setsvalue2s(L, top - n, ts); /* create result */
}
total -= n-1; /* got 'n' strings to create 1 new */
- L->top -= n-1; /* popped 'n' strings and pushed one */
+ L->top = top - (n - 1); /* popped 'n' strings and pushed one */
} while (total > 1); /* repeat until only 1 result left */
}
--
2.33.0

37
backport-luaV_concat-can-use-invalidated-pointer-to-stack.patch
View File

@ -1,37 +0,0 @@
From 603b2c64add5fbf4b7343525cf109af0c7077695 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Mon, 23 May 2022 17:50:47 -0300
Subject: [PATCH] 'luaV_concat' can use invalidated pointer to stack
Bug introduced in commit 42d40581.
---
src/lvm.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/lvm.c b/src/lvm.c
index cd992aa..614df05 100644
--- a/src/lvm.c
+++ b/src/lvm.c
@@ -643,7 +643,7 @@ void luaV_concat (lua_State *L, int total) {
int n = 2; /* number of elements handled in this pass (at least 2) */
if (!(ttisstring(s2v(top - 2)) || cvt2str(s2v(top - 2))) ||
!tostring(L, s2v(top - 1)))
- luaT_tryconcatTM(L);
+ luaT_tryconcatTM(L); /* may invalidate 'top' */
else if (isemptystr(s2v(top - 1))) /* second operand is empty? */
cast_void(tostring(L, s2v(top - 2))); /* result is first operand */
else if (isemptystr(s2v(top - 2))) { /* first operand is empty string? */
@@ -673,8 +673,8 @@ void luaV_concat (lua_State *L, int total) {
}
setsvalue2s(L, top - n, ts); /* create result */
}
- total -= n-1; /* got 'n' strings to create 1 new */
- L->top = top - (n - 1); /* popped 'n' strings and pushed one */
+ total -= n - 1; /* got 'n' strings to create one new */
+ L->top -= n - 1; /* popped 'n' strings and pushed one */
} while (total > 1); /* repeat until only 1 result left */
}
--
1.8.3.1

12
lua-5.3.0-idsize.patch
View File

@ -1,12 +0,0 @@
diff -up lua-5.3.0/src/luaconf.h.template.in.idsize lua-5.3.0/src/luaconf.h.template.in
--- lua-5.3.0/src/luaconf.h.template.in.idsize 2015-01-15 10:23:20.515801344 -0500
+++ lua-5.3.0/src/luaconf.h.template.in 2015-01-15 10:23:48.955651916 -0500
@@ -693,7 +693,7 @@
@@ of a function in debug information.
** CHANGE it if you want a different size.
*/
-#define LUA_IDSIZE 60
+#define LUA_IDSIZE 512
/*

BIN
lua-5.4.3-tests.tar.gz
View File

Binary file not shown.

BIN
lua-5.4.3.tar.gz
View File

Binary file not shown.

14
lua-5.4.6-idsize.patch Normal file
View File

@ -0,0 +1,14 @@
diff --git a/src/luaconf.h.template.in b/src/luaconf.h.template.in
index 1e32333..601d10e 100644
--- a/src/luaconf.h.template.in
+++ b/src/luaconf.h.template.in
@@ -762,7 +762,7 @@
** of a function in debug information.
** CHANGE it if you want a different size.
*/
-#define LUA_IDSIZE 60
+#define LUA_IDSIZE 512
/*

BIN
lua-5.4.6-tests.tar.gz Normal file
View File

Binary file not shown.

BIN
lua-5.4.6.tar.gz Normal file
View File

Binary file not shown.

38
lua.spec
View File

@ -1,12 +1,12 @@
%global major_version 5.4
# test version is still 5.4.3
%global test_version 5.4.3
# test version is 5.4.6
%global test_version 5.4.6
# Place rpm-macros into proper location.
%global macrosdir %(d=%{_rpmconfigdir}/macros.d; [ -d $d ] || d=%{_sysconfdir}/rpm; echo $d)
Name: lua
Version: 5.4.3
Release: 9
Version: 5.4.6
Release: 3
Summary: A powerful, efficient, lightweight, embeddable scripting language
License: MIT
URL: http://www.lua.org/
@ -20,15 +20,11 @@ Source3: mit.txt
# rpm-macro
Source1000: macros.lua
Patch0: lua-5.4.0-beta-autotoolize.patch
Patch1: lua-5.3.0-idsize.patch
Patch1: lua-5.4.6-idsize.patch
Patch2: lua-5.2.2-configure-linux.patch
Patch3: lua-5.3.0-configure-compat-module.patch
Patch6000: backport-CVE-2021-43519.patch
Patch6001: backport-CVE-2021-44647.patch
Patch6002: backport-CVE-2022-28805.patch
Patch6003: backport-CVE-2022-33099.patch
Patch6004: backport-CVE-2021-44964.patch
Patch6005: backport-luaV_concat-can-use-invalidated-pointer-to-stack.patch
Patch6000: backport-Bug-Recursion-in-getobjname-can-stack-overflow.patch
BuildRequires: automake autoconf libtool readline-devel ncurses-devel
@ -62,11 +58,6 @@ mv src/luaconf.h src/luaconf.h.template.in
%patch2 -p1 -z .configure-linux
%patch3 -p1 -z .configure-compat-all
%patch6000 -p1
%patch6001 -p1
%patch6002 -p1
%patch6003 -p1
%patch6004 -p1
%patch6005 -p1
# Put proper version in configure.ac, patch0 hardcodes 5.3.0
sed -i 's|5.3.0|%{version}|g' configure.ac
@ -141,6 +132,21 @@ LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_libdir} $RPM_BUILD_ROOT/%{_bindir}/lua -e"_U=
%{_mandir}/man1/lua*.1*
%changelog
* Fri Mar 14 2025 mahailiang <mahailiang@uniontech.com> - 5.4.6-3
- add sw_64 support
* Tue Aug 13 2024 wangjiang <wangjiang37@h-partners.com> - 5.4.6-2
- fix Segmentation fault
* Wed Jun 14 2023 yanglongkang <yanglongkang@h-partners.com> - 5.4.6-1
- upgrade to version 5.4.6
* Thu Jan 19 2023 hubin <hubin73@huawei.com> - 5.4.4-1
- upgrade to version 5.4.4
* Mon Dec 26 2022 liyanan <liyanan32@h-partners.com> - 5.4.3-10
- add support for LoongArch
* Wed Sep 21 2022 renhongxun <renhongxun@h-partners.com> - 5.4.3-9
- bugfix with upstream patch

4
luaconf.h
View File

@ -54,6 +54,10 @@
#include "luaconf-mips.h"
#elif defined(__riscv)
#include "luaconf-riscv64.h"
#elif defined(__loongarch64)
#include "luaconf-loongarch64.h"
#elif defined(__sw_64__)
#include "luaconf-sw_64.h"
#else
#error "The lua-devel package is not usable with the architecture."
#endif