[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: bug in lua_setfenv
- From: roberto@... (Roberto Ierusalimschy)
- Date: Wed, 28 Nov 2007 16:18:57 -0200
Reported by Mike Pall:
lua_setfenv may crash if called over an invalid object:
Lua 5.1.2 Copyright (C) 1994-2007 Lua.org, PUC-Rio
> debug.setfenv(3, {})
Segmentation fault (core dumped)
(This bug can be triggered only through de debug library or the C API.)
The patch is in lapi.c:
@@ -749,7 +749,7 @@
res = 0;
break;
}
- luaC_objbarrier(L, gcvalue(o), hvalue(L->top - 1));
+ if (res) luaC_objbarrier(L, gcvalue(o), hvalue(L->top - 1));
L->top--;
lua_unlock(L);
return res;
-- Roberto
