

Hi,

We found a segmentation fault in luaG_traceexec, here’s the POC:

co = coroutine.create(
function()
    function errfunc()
        return 'errfunc'
    end
    function test(do_yield)
        pcall(function()
            if do_yield then
                load(string.dump(errfunc, coroutine))() end end)
        end
        (function() print(
            xpcall(test, function() end, true)) end)() end
            )
debug.sethook(co, function() end, "lr")
coroutine.resume(co)

 

Lua version 5.4.0, git hash 34affe7a63fc5d842580a9f23616d057e17dfe27, tested on Ubuntu 16.04

Best,
Yongheng and Rui