fix CVE-2020-24370
parent
9898d3a2b9
commit
c9b9f4ac09
|
@ -0,0 +1,26 @@
|
||||||
|
diff -up lua-5.3.5/src/ldebug.c.CVE-2020-24370 lua-5.3.5/src/ldebug.c
|
||||||
|
--- lua-5.3.5/src/ldebug.c.CVE-2020-24370 2020-08-19 13:37:17.075859557 -0400
|
||||||
|
+++ lua-5.3.5/src/ldebug.c 2020-08-19 13:38:53.117779244 -0400
|
||||||
|
@@ -133,10 +133,11 @@ static const char *upvalname (Proto *p,
|
||||||
|
|
||||||
|
static const char *findvararg (CallInfo *ci, int n, StkId *pos) {
|
||||||
|
int nparams = clLvalue(ci->func)->p->numparams;
|
||||||
|
- if (n >= cast_int(ci->u.l.base - ci->func) - nparams)
|
||||||
|
+ int nvararg = cast_int(ci->u.l.base - ci->func) - nparams;
|
||||||
|
+ if (n <= -nvararg)
|
||||||
|
return NULL; /* no such vararg */
|
||||||
|
else {
|
||||||
|
- *pos = ci->func + nparams + n;
|
||||||
|
+ *pos = ci->func + nparams - n;
|
||||||
|
return "(*vararg)"; /* generic name for any vararg */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -148,7 +149,7 @@ static const char *findlocal (lua_State
|
||||||
|
StkId base;
|
||||||
|
if (isLua(ci)) {
|
||||||
|
if (n < 0) /* access to vararg values? */
|
||||||
|
- return findvararg(ci, -n, pos);
|
||||||
|
+ return findvararg(ci, n, pos);
|
||||||
|
else {
|
||||||
|
base = ci->u.l.base;
|
||||||
|
name = luaF_getlocalname(ci_func(ci)->p, n, currentpc(ci));
|
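Review bot: The rewritten `findvararg` now expects a negative `n`, but nothing on the new lines says so, and the signature is unchanged from the version that took a positive index. The second hunk stops negating in `findlocal`, presumably because `-n` is undefined when `n` is `INT_MIN`, so the safety of the fix rests on nobody reintroducing that negation. A comment on the bound check would pin this down, for example `if (n <= -nvararg)  /* 'n' is negative; do not negate it (-INT_MIN overflows) */`. The body of `findlocal` continues past the end of the second hunk, so its other uses of `n` are not visible here.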
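--- a/lua.spec
+++ b/lua.spec
@@ -15,7 +15,7 @@
 
 Name: lua
 Version: %{major_version}.5
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: Powerful light-weight programming language
 License: MIT
 URL: http://www.lua.org/
@@ -42,6 +42,7 @@ Patch7: %{name}-5.2.2-luac-shared-link-fix.patch
 Patch8: %{name}-5.2.2-configure-compat-module.patch
 %endif
 Patch9: CVE-2019-6706-use-after-free-lua_upvaluejoin.patch
+Patch10: %{name}-5.3.5-CVE-2020-24370.patch
 
 BuildRequires: automake autoconf libtool readline-devel ncurses-devel
 Requires: lua-libs = %{version}-%{release}
@@ -93,6 +94,7 @@ mv src/luaconf.h src/luaconf.h.template.in
 %patch3 -p1 -z .configure-linux
 %patch4 -p1 -z .configure-compat-all
 %patch9 -p1 -b .CVE-2019-6706
+%patch10 -p1 -b .CVE-2020-24370
 # Put proper version in configure.ac, patch0 hardcodes 5.3.0
 sed -i 's|5.3.0|%{version}|g' configure.ac
 autoreconf -ifv
@@ -214,6 +216,9 @@ install -Dpm 0644 %{SOURCE1000} $RPM_BUILD_ROOT/%{macrosdir}/macros.lua
 
 
 %changelog
+* Wed Aug 19 2020 Tom Callaway <spot@fedoraproject.org> - 5.3.5-8
+- fix CVE-2020-24370
+
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.3.5-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 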