 |
lua-l archive |
|
|
||
|
Roberto Ierusalimschy wrote: > Well, I wouldn't call that stack growth "imperceptible", since it is > in the specification of luaO_pushfstring that it leaves its result > on the stack. (It's not by change that it has a "push" in its name :-) > In my mind, the real problem was the chain of two luaO_pushfstring; > after the second one, we forget that the result of the fist one is > still in the stack. Haha got it. I just learned Lua not long ago and I don't understand a lot of functions yet, thanks for the answer! Do you normally assign CVE ids for this type of buffer overflow? |