lua51: patch for CVE-2014-5461 via OpenBSD.

This commit is contained in:
Juan RP 2014-09-10 09:17:59 +02:00
parent 638a892997
commit f9e1c115e6
2 changed files with 15 additions and 1 deletions

View file

@ -0,0 +1,14 @@
Security fix for CVE-2014-5461,
http://openwall.com/lists/oss-security/2014/08/27/2
--- src/ldo.c.orig Tue Sep 9 15:32:24 2014
+++ src/ldo.c Tue Sep 9 15:33:46 2014
@@ -217,7 +217,7 @@ static StkId adjust_varargs (lua_State *L, Proto *p, i
int nvar = actual - nfixargs; /* number of extra arguments */
lua_assert(p->is_vararg & VARARG_HASARG);
luaC_checkGC(L);
- luaD_checkstack(L, p->maxstacksize);
+ luaD_checkstack(L, p->maxstacksize + p->numparams);
htab = luaH_new(L, nvar, 1); /* create `arg' table */
for (i=0; i<nvar; i++) /* put extra arguments into `arg' table */
setobj2n(L, luaH_setnum(L, htab, i+1), L->top - nvar + i);

View file

@ -1,7 +1,7 @@
# Template file for 'lua51' # Template file for 'lua51'
pkgname=lua51 pkgname=lua51
version=5.1.5 version=5.1.5
revision=4 revision=5
wrksrc="lua-${version}" wrksrc="lua-${version}"
makedepends="ncurses-devel readline-devel>=6.3" makedepends="ncurses-devel readline-devel>=6.3"
short_desc="Powerful, fast, lightweight, embeddable scripting language (5.1.x)" short_desc="Powerful, fast, lightweight, embeddable scripting language (5.1.x)"