Fix Lua stack overflow vulnerability (#1054)

Co-authored-by: Turánszki János <turanszkij@users.noreply.github.com>
This commit is contained in:
Yan Naing Tun
2025-03-05 15:28:47 +08:00
committed by GitHub
parent 545e859ca7
commit fdaf5ed72f
+5 -1
View File
@@ -634,11 +634,15 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) {
CallInfo *ci = L->ci;
const char *msg;
va_list argp;
luaC_checkGC(L); /* error message uses memory */
va_start(argp, fmt);
msg = luaO_pushvfstring(L, fmt, argp); /* format message */
va_end(argp);
if (isLua(ci)) /* if Lua function, add source:line information */
if (isLua(ci)) { /* if Lua function, add source:line information */
luaG_addinfo(L, msg, ci_func(ci)->p->source, currentline(ci));
setobjs2s(L, L->top - 2, L->top - 1); /* remove 'msg' from the stack */
L->top--;
}
luaG_errormsg(L);
}