author | Yue Tao <Yue.Tao@windriver.com> | 2020-07-28 10:31:07 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2020-07-30 21:29:08 -0700 |
commit | fae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7 (patch) | |
tree | d4369cdf5d196f2f320e1fddd86d868b6bd7bc7c | |
parent | 40f4f3ed5f6f006c05f36f6dd846b788e1ec98fd (diff) | |
download | meta-openembedded-contrib-fae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7.tar.gz |
lua: Security Advisory - lua - CVE-2020-15888
Backport fix from https://github.com/lua/lua.git.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 698748c1538ed03efbcfdd936cf8317b4f138c29)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch | 45 | ||||
-rw-r--r-- | meta-oe/recipes-devtools/lua/lua_5.3.5.bb | 1 |
2 files changed, 46 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch
new file mode 100644
index 0000000000..60a4125971
--- /dev/null
+++ b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch
@@ -0,0 +1,45 @@
+From 6298903e35217ab69c279056f925fb72900ce0b7 Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Mon, 6 Jul 2020 12:11:54 -0300
+Subject: [PATCH] Keep minimum size when shrinking a stack
+
+When shrinking a stack (during GC), do not make it smaller than the
+initial stack size.
+---
+ ldo.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+==== end of original header ====
+
+CVE: CVE-2020-15888
+
+Upstream-Status: backport [https://github.com/lua/lua.git]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+====
+diff --git a/ldo.c b/ldo.c
+index c563b1d9..a89ac010 100644
+--- a/src/ldo.c
++++ b/src/ldo.c
+@@ -220,7 +220,7 @@ static int stackinuse (lua_State *L) {
+
+ void luaD_shrinkstack (lua_State *L) {
+ int inuse = stackinuse(L);
+- int goodsize = inuse + (inuse / 8) + 2*EXTRA_STACK;
++ int goodsize = inuse + BASIC_STACK_SIZE;
+ if (goodsize > LUAI_MAXSTACK)
+ goodsize = LUAI_MAXSTACK; /* respect stack limit */
+ if (L->stacksize > LUAI_MAXSTACK) /* had been handling stack overflow? */
+@@ -229,8 +229,7 @@ void luaD_shrinkstack (lua_State *L) {
+ luaE_shrinkCI(L); /* shrink list */
+ /* if thread is currently not handling a stack overflow and its
+ good size is smaller than current size, shrink its stack */
+- if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) &&
+- goodsize < L->stacksize)
++ if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && goodsize < L->stacksize)
+ luaD_reallocstack(L, goodsize);
+ else /* don't change stack */
+ condmovestack(L,{},{}); /* (change only for debugging) */
+--
+2.17.1
+
diff --git a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb
index a23a4a5dac..d3461b06de 100644
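Review bot: The added patch header gives its origin only as `Upstream-Status: backport [https://github.com/lua/lua.git]`, which names the repository but not the commit, so the backport cannot be checked against upstream from the header alone. The usual form would be `Upstream-Status: Backport [<URL of upstream commit 6298903e35217ab69c279056f925fb72900ce0b7>]`, reusing the hash already present in the patch's `From` line. The embedded hunks are dated July 2020 upstream and are applied here to the 5.3.5 tarball as `src/ldo.c` (while the inner `diff --git` line still says `ldo.c`), so the header should state that the paths were adapted and whether this one change is the complete fix for CVE-2020-15888 on 5.3.5; that cannot be determined from this page. `BASIC_STACK_SIZE` is not defined in the hunk and presumably comes from a header `ldo.c` already includes, which is worth confirming with a build of the recipe.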
--- a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb +++ b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb @@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/" SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://0001-Allow-building-lua-without-readline-on-Linux.patch \ + file://CVE-2020-15888.patch \ " # if no test suite matches PV release of Lua exactly, download the suite for the closest Lua release. |