lua51: patch for CVE-2014-5461 via OpenBSD.

2014-09-10 09:17:59 +02:00 · 2014-09-10 09:17:59 +02:00 · f9e1c115e6
parent 638a892997
commit f9e1c115e6
2 changed files with 15 additions and 1 deletions
--- a/srcpkgs/lua51/patches/CVE-2014-5461.patch
+++ b/srcpkgs/lua51/patches/CVE-2014-5461.patch
@ -0,0 +1,14 @@
+Security fix for CVE-2014-5461,
+http://openwall.com/lists/oss-security/2014/08/27/2
+
+--- src/ldo.c.orig	Tue Sep  9 15:32:24 2014
+++ src/ldo.c	Tue Sep  9 15:33:46 2014
+@@ -217,7 +217,7 @@ static StkId adjust_varargs (lua_State *L, Proto *p, i
+     int nvar = actual - nfixargs;  /* number of extra arguments */
+     lua_assert(p->is_vararg & VARARG_HASARG);
+     luaC_checkGC(L);
+-    luaD_checkstack(L, p->maxstacksize);
+    luaD_checkstack(L, p->maxstacksize + p->numparams);
+     htab = luaH_new(L, nvar, 1);  /* create `arg' table */
+     for (i=0; i<nvar; i++)  /* put extra arguments into `arg' table */
+       setobj2n(L, luaH_setnum(L, htab, i+1), L->top - nvar + i);
--- a/srcpkgs/lua51/template
+++ b/srcpkgs/lua51/template
@ -1,7 +1,7 @@
 # Template file for 'lua51'
 pkgname=lua51
 version=5.1.5
-revision=4
+revision=5
 wrksrc="lua-${version}"
 makedepends="ncurses-devel readline-devel>=6.3"
 short_desc="Powerful, fast, lightweight, embeddable scripting language (5.1.x)"