allanger/ardour
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Activity

Fix potential vulnerable cloned functions: Save stack space while handling errors

Browse Source
This commit is contained in:
npt-1707
2025-04-24 17:06:24 +08:00
parent 5f1bea0b6b
commit edf2ce7cfe
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libs/lua/lua-5.3.5/lvm.c
View File

@@ -490,8 +490,10 @@ void luaV_concat (lua_State *L, int total) {
/* collect total length and number of strings */
for (n = 1; n < total && tostring(L, top - n - 1); n++) {
size_t l = vslen(top - n - 1);
if (l >= (MAX_SIZE/sizeof(char)) - tl)
if (l >= (MAX_SIZE/sizeof(char)) - tl) {
L->top = top - total; /* pop strings to avoid wasting stack */
luaG_runerror(L, "string length overflow");
}
tl += l;
}
if (tl <= LUAI_MAXSHORTLEN) { /* is result a short string? */
@@ -506,7 +508,7 @@ void luaV_concat (lua_State *L, int total) {
setsvalue2s(L, top - n, ts); /* create result */
}
total -= n-1; /* got 'n' strings to create 1 new */
L->top -= n-1; /* popped 'n' strings and pushed one */
L->top = top - (n - 1); /* popped 'n' strings and pushed one */
} while (total > 1); /* repeat until only 1 result left */
}