|
| 1 | +From 42d40581dd919fb134c07027ca1ce0844c670daf Mon Sep 17 00:00:00 2001 |
| 2 | +From: Roberto Ierusalimschy < [email protected]> |
| 3 | +Date: Fri, 20 May 2022 13:14:33 -0300 |
| 4 | +Subject: [PATCH] Save stack space while handling errors |
| 5 | + |
| 6 | +Because error handling (luaG_errormsg) uses slots from EXTRA_STACK, |
| 7 | +and some errors can recur (e.g., string overflow while creating an |
| 8 | +error message in 'luaG_runerror', or a C-stack overflow before calling |
| 9 | +the message handler), the code should use stack slots with parsimony. |
| 10 | + |
| 11 | +This commit fixes the bug "Lua-stack overflow when C stack overflows |
| 12 | +while handling an error". |
| 13 | + |
| 14 | +[AI Backported] Upstream Patch Reference: https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf |
| 15 | + |
| 16 | +--- |
| 17 | + ldebug.c | 5 ++++- |
| 18 | + lvm.c | 6 ++++-- |
| 19 | + 2 files changed, 8 insertions(+), 3 deletions(-) |
| 20 | + |
| 21 | +diff --git a/src/civetweb/src/third_party/lua-5.3.3/src/ldebug.c b/src/civetweb/src/third_party/lua-5.3.3/src/ldebug.c |
| 22 | +index e499ee362..5ef7c62d1 100644 |
| 23 | +--- a/src/civetweb/src/third_party/lua-5.3.3/src/ldebug.c |
| 24 | ++++ b/src/civetweb/src/third_party/lua-5.3.3/src/ldebug.c |
| 25 | +@@ -637,8 +637,11 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) { |
| 26 | + va_start(argp, fmt); |
| 27 | + msg = luaO_pushvfstring(L, fmt, argp); /* format message */ |
| 28 | + va_end(argp); |
| 29 | +- if (isLua(ci)) /* if Lua function, add source:line information */ |
| 30 | ++ if (isLua(ci)) { /* if Lua function, add source:line information */ |
| 31 | + luaG_addinfo(L, msg, ci_func(ci)->p->source, currentline(ci)); |
| 32 | ++ setobjs2s(L, L->top - 2, L->top - 1); /* remove 'msg' from the stack */ |
| 33 | ++ L->top--; |
| 34 | ++ } |
| 35 | + luaG_errormsg(L); |
| 36 | + } |
| 37 | + |
| 38 | +diff --git a/src/civetweb/src/third_party/lua-5.3.3/src/lvm.c b/src/civetweb/src/third_party/lua-5.3.3/src/lvm.c |
| 39 | +index 84ade6b2f..35d0b6af6 100644 |
| 40 | +--- a/src/civetweb/src/third_party/lua-5.3.3/src/lvm.c |
| 41 | ++++ b/src/civetweb/src/third_party/lua-5.3.3/src/lvm.c |
| 42 | +@@ -490,8 +490,10 @@ void luaV_concat (lua_State *L, int total) { |
| 43 | + /* collect total length and number of strings */ |
| 44 | + for (n = 1; n < total && tostring(L, top - n - 1); n++) { |
| 45 | + size_t l = vslen(top - n - 1); |
| 46 | +- if (l >= (MAX_SIZE/sizeof(char)) - tl) |
| 47 | ++ if (l >= (MAX_SIZE/sizeof(char)) - tl) { |
| 48 | ++ L->top = top - total; /* pop strings to avoid wasting stack */ |
| 49 | + luaG_runerror(L, "string length overflow"); |
| 50 | ++ } |
| 51 | + tl += l; |
| 52 | + } |
| 53 | + if (tl <= LUAI_MAXSHORTLEN) { /* is result a short string? */ |
| 54 | +@@ -506,7 +508,7 @@ void luaV_concat (lua_State *L, int total) { |
| 55 | + setsvalue2s(L, top - n, ts); /* create result */ |
| 56 | + } |
| 57 | + total -= n-1; /* got 'n' strings to create 1 new */ |
| 58 | +- L->top -= n-1; /* popped 'n' strings and pushed one */ |
| 59 | ++ L->top = top - (n - 1); /* popped 'n' strings and pushed one */ |
| 60 | + } while (total > 1); /* repeat until only 1 result left */ |
| 61 | + } |
| 62 | + |
0 commit comments