Bug#1041902: lua5.4: 'lua_settop' may use an invalid pointer to stack
Asher Gordon
2023-07-25 05:40:01 UTC
Package: lua5.4
Version: 5.4.4-3
Severity: normal
X-Debbugs-Cc: none, Asher Gordon <***@posteo.net>

Dear Maintainer,

I found a bug in which calling lua_toclose() while the "main" stack is
active (i.e., not inside a function which was called by lua_call()), can
sometimes cause memory errors later. As I later found out, this was a
symptom of a bug in lua_settop(). Here is a minimal example showcasing
the bug:
Asher Gordon
2023-07-25 17:00:01 UTC
Control: reassign -1 src:lua5.4
I think this fix from upstream should be backported to Debian's Lua
5.4, and possibly 5.{1,2,3} as well (I haven't tested those).
I found out Lua 5.4 is the first version with lua_toclose() (and the
__close() metamethod), so the particular manifestation of the bug I've
shown cannot be present in previous versions. Also, lua.org says this
bug has existed since 5.4.3: https://www.lua.org/bugs.html#5.4.4-5

I think that Debian should update lua5.4 to the latest upstream version
5.4.6, which should fix this (and other) bugs. I see that currently,
even in sid, lua5.4 is still 5.4.4.

Thanks,
Asher

P.S. I am reassigning this to the source package, since I think that
makes more sense.
--
On two occasions I have been asked [by members of Parliament!], "Pray, Mr.
Babbage, if you put into the machine wrong figures, will the right answers
come out?" I am not able rightly to apprehend the kind of confusion of
ideas that could provoke such a question.
-- Charles Babbage
--------
I prefer to send and receive mail encrypted. Please send me your
public key, and if you do not have my public key, please let me
know. Thanks.

GPG fingerprint: 38F3 975C D173 4037 B397 8095 D4C9 C4FC 5460 8E68