Add patch for CVE-2014-5461

http://lua-users.org/lists/lua-l/2021-07/msg00115.html
flathub · Jan 17, 2025 · f5d368a · f5d368a
1 parent f1ad050
commit f5d368a
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/lua5.1/0004-Fix-stack-overflow-in-vararg-functions.patch b/lua5.1/0004-Fix-stack-overflow-in-vararg-functions.patch
@@ -0,0 +1,21 @@
+From: Enrico Tassi <[email protected]>
+Date: Tue, 26 Aug 2014 16:20:55 +0200
+Subject: Fix stack overflow in vararg functions
+
+---
+ src/ldo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ldo.c b/src/ldo.c
+index d1bf786..30333bf 100644
+--- a/src/ldo.c
++++ b/src/ldo.c
+@@ -274,7 +274,7 @@ int luaD_precall (lua_State *L, StkId func, int nresults) {
+     CallInfo *ci;
+     StkId st, base;
+     Proto *p = cl->p;
+-    luaD_checkstack(L, p->maxstacksize);
++    luaD_checkstack(L, p->maxstacksize + p->numparams);
+     func = restorestack(L, funcr);
+     if (!p->is_vararg) {  /* no varargs? */
+       base = func + 1;
diff --git a/lua5.1/lua-5.1.5.json b/lua5.1/lua-5.1.5.json
@@ -21,6 +21,10 @@
             "type": "patch",
             "path": "lua-5.1.5-so.patch"
         },
+        {
+            "type": "patch",
+            "path": "0004-Fix-stack-overflow-in-vararg-functions.patch"
+        },
         {
             "type": "shell",
             "commands": [