Re: heap-buffer-overflow in luaD

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: heap-buffer-overflow in luaD_pretailcall
From: William Ahern <william@...>
Date: Tue, 7 Jul 2020 21:41:34 -0700

On Tue, Jul 07, 2020 at 03:34:28PM -0300, Roberto Ierusalimschy wrote:
> > > - How do you generate these tests?
> 
> My question was how they generate the Lua code that trigger those
> issues.  I am not sure whether they can be simplified; the code is quite
> convoluted.

You can build with AddressSanitizer like

  make MYCFLAGS="-fsanitize=address" MYLDFLAGS="-fsanitize=address"

but I can't reproduce on Ubuntu 20.04 LTS, neither with gcc (9.3.0) nor
clang (10.0.0). It definitely would help to know more about the test
environment.

I *can* reproduce the getobjname report, though, with both GCC and clang.

Follow-Ups:
- Re: heap-buffer-overflow in luaD_pretailcall, Gé Weijers

References:
- heap-buffer-overflow in luaD_pretailcall, Rui Zhong
- Re: heap-buffer-overflow in luaD_pretailcall, Roberto Ierusalimschy
- Re: heap-buffer-overflow in luaD_pretailcall, Gé Weijers
- Re: heap-buffer-overflow in luaD_pretailcall, Roberto Ierusalimschy

Prev by Date: Re: heap-buffer-overflow in luaD_pretailcall
Next by Date: Re: heap-buffer-overflow in getobjname
Previous by thread: Re: heap-buffer-overflow in luaD_pretailcall
Next by thread: Re: heap-buffer-overflow in luaD_pretailcall
Index(es):
- Date
- Thread