- Subject: Re: heap-buffer-overflow found in luaG_errormsg
- From: Roberto Ierusalimschy <roberto@...>
- Date: Tue, 24 May 2022 12:59:27 -0300
> As I understand it, luaG_runerror() as a part of error handling needs
> to control its stack space usage artificially, but luaO_pushvfstring()
> and luaG_addinfo()->luaO_pushfstring() produce two imperceptible
> stack growths, thus causing the problem. Is this understood correctly?
Well, I wouldn't call that stack growth "imperceptible", since it is
in the specification of luaO_pushfstring that it leaves its result
on the stack. (It's not by chance that it has a "push" in its name :-)
In my mind, the real problem was the chain of two luaO_pushfstring;
after the second one, we forget that the result of the first one is
still in the stack.
> By the way, will this patch be applied to the next release of Lua?