aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYue Tao <Yue.Tao@windriver.com>2020-07-28 10:31:07 -0700
committerArmin Kuster <akuster808@gmail.com>2020-07-30 21:29:08 -0700
commitfae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7 (patch)
treed4369cdf5d196f2f320e1fddd86d868b6bd7bc7c
parent40f4f3ed5f6f006c05f36f6dd846b788e1ec98fd (diff)
downloadmeta-openembedded-contrib-fae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7.tar.gz
lua: Security Advisory - lua - CVE-2020-15888
Backport fix from https://github.com/lua/lua.git. Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 698748c1538ed03efbcfdd936cf8317b4f138c29) Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch45
-rw-r--r--meta-oe/recipes-devtools/lua/lua_5.3.5.bb1
2 files changed, 46 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch
new file mode 100644
index 0000000000..60a4125971
--- /dev/null
+++ b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch
@@ -0,0 +1,45 @@
+From 6298903e35217ab69c279056f925fb72900ce0b7 Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Mon, 6 Jul 2020 12:11:54 -0300
+Subject: [PATCH] Keep minimum size when shrinking a stack
+
+When shrinking a stack (during GC), do not make it smaller than the
+initial stack size.
+---
+ ldo.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+==== end of original header ====
+
+CVE: CVE-2020-15888
+
+Upstream-Status: backport [https://github.com/lua/lua.git]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+====
+diff --git a/ldo.c b/ldo.c
+index c563b1d9..a89ac010 100644
+--- a/src/ldo.c
++++ b/src/ldo.c
+@@ -220,7 +220,7 @@ static int stackinuse (lua_State *L) {
+
+ void luaD_shrinkstack (lua_State *L) {
+ int inuse = stackinuse(L);
+- int goodsize = inuse + (inuse / 8) + 2*EXTRA_STACK;
++ int goodsize = inuse + BASIC_STACK_SIZE;
+ if (goodsize > LUAI_MAXSTACK)
+ goodsize = LUAI_MAXSTACK; /* respect stack limit */
+ if (L->stacksize > LUAI_MAXSTACK) /* had been handling stack overflow? */
+@@ -229,8 +229,7 @@ void luaD_shrinkstack (lua_State *L) {
+ luaE_shrinkCI(L); /* shrink list */
+ /* if thread is currently not handling a stack overflow and its
+ good size is smaller than current size, shrink its stack */
+- if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) &&
+- goodsize < L->stacksize)
++ if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && goodsize < L->stacksize)
+ luaD_reallocstack(L, goodsize);
+ else /* don't change stack */
+ condmovestack(L,{},{}); /* (change only for debugging) */
+--
+2.17.1
+
diff --git a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb
index a23a4a5dac..d3461b06de 100644
--- a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb
+++ b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb
@@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/"
SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \
file://lua.pc.in \
file://0001-Allow-building-lua-without-readline-on-Linux.patch \
+ file://CVE-2020-15888.patch \
"
# if no test suite matches PV release of Lua exactly, download the suite for the closest Lua release.