mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-25 12:09:15 -05:00
gnu: lua-5.1: Fix CVE-2014-5461.
* gnu/packages/lua.scm (lua-5.1)[source]: Add patch. * gnu/packages/patches/lua-CVE-2014-5461: New file. * gnu/local.mk (dist_patch_DATA): Add it.
This commit is contained in:
Efraim Flashner
parent
576b1aeed6
commit
32fddd8e29
3 changed files with 24 additions and 1 deletions
|
|
@ -612,6 +612,7 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/lirc-localstatedir.patch \
|
%D%/packages/patches/lirc-localstatedir.patch \
|
||||||
%D%/packages/patches/libpthread-glibc-preparation.patch \
|
%D%/packages/patches/libpthread-glibc-preparation.patch \
|
||||||
%D%/packages/patches/lm-sensors-hwmon-attrs.patch \
|
%D%/packages/patches/lm-sensors-hwmon-attrs.patch \
|
||||||
|
%D%/packages/patches/lua-CVE-2014-5461.patch \
|
||||||
%D%/packages/patches/lua-pkgconfig.patch \
|
%D%/packages/patches/lua-pkgconfig.patch \
|
||||||
%D%/packages/patches/lua51-liblua-so.patch \
|
%D%/packages/patches/lua51-liblua-so.patch \
|
||||||
%D%/packages/patches/lua52-liblua-so.patch \
|
%D%/packages/patches/lua52-liblua-so.patch \
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@
|
||||||
;;; Copyright © 2014 Raimon Grau <raimonster@gmail.com>
|
;;; Copyright © 2014 Raimon Grau <raimonster@gmail.com>
|
||||||
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
|
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
|
||||||
;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
|
;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
|
||||||
|
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
;;;
|
;;;
|
||||||
|
|
@ -78,7 +79,8 @@ (define-public lua-5.1
|
||||||
version ".tar.gz"))
|
version ".tar.gz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32 "0cskd4w0g6rdm2q8q3i4n1h3j8kylhs3rq8mxwl9vwlmlxbgqh16"))
|
(base32 "0cskd4w0g6rdm2q8q3i4n1h3j8kylhs3rq8mxwl9vwlmlxbgqh16"))
|
||||||
(patches (search-patches "lua51-liblua-so.patch"))))))
|
(patches (search-patches "lua51-liblua-so.patch"
|
||||||
|
"lua-CVE-2014-5461.patch"))))))
|
||||||
|
|
||||||
(define-public luajit
|
(define-public luajit
|
||||||
(package
|
(package
|
||||||
|
|
|
||||||
20
gnu/packages/patches/lua-CVE-2014-5461.patch
Normal file
20
gnu/packages/patches/lua-CVE-2014-5461.patch
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
From: Enrico Tassi <gareuselesinge@debian.org>
|
||||||
|
Date: Tue, 26 Aug 2014 16:20:55 +0200
|
||||||
|
Subject: Fix stack overflow in vararg functions
|
||||||
|
|
||||||
|
---
|
||||||
|
src/ldo.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/ldo.c b/src/ldo.c
|
||||||
|
index d1bf786..30333bf 100644
|
||||||
|
--- a/src/ldo.c
|
||||||
|
+++ b/src/ldo.c
|
||||||
|
@@ -274,7 +274,7 @@ int luaD_precall (lua_State *L, StkId func, int nresults) {
|
||||||
|
CallInfo *ci;
|
||||||
|
StkId st, base;
|
||||||
|
Proto *p = cl->p;
|
||||||
|
- luaD_checkstack(L, p->maxstacksize);
|
||||||
|
+ luaD_checkstack(L, p->maxstacksize + p->numparams);
|
||||||
|
func = restorestack(L, funcr);
|
||||||
|
base = func + 1;
|
||||||
Loading…
Reference in a new issue