summary refs log tree commit diff
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2016-05-29 08:50:15 +0300
committerEfraim Flashner <efraim@flashner.co.il>2016-05-29 09:47:46 +0300
commit32fddd8e29ba6bfebc7ba2081f02d2dc9730256a (patch)
tree69bbec1ebbfda9e34e4487d077ba988ef9727850
parent576b1aeed6c315370135025d3cd4db54c388a143 (diff)
downloadguix-32fddd8e29ba6bfebc7ba2081f02d2dc9730256a.tar.gz
gnu: lua-5.1: Fix CVE-2014-5461.
* gnu/packages/lua.scm (lua-5.1)[source]: Add patch.
* gnu/packages/patches/lua-CVE-2014-5461: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/lua.scm4
-rw-r--r--gnu/packages/patches/lua-CVE-2014-5461.patch20
3 files changed, 24 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 86b56d4047..9a9cff4238 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -612,6 +612,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/lirc-localstatedir.patch			\
   %D%/packages/patches/libpthread-glibc-preparation.patch	\
   %D%/packages/patches/lm-sensors-hwmon-attrs.patch		\
+  %D%/packages/patches/lua-CVE-2014-5461.patch                      \
   %D%/packages/patches/lua-pkgconfig.patch                      \
   %D%/packages/patches/lua51-liblua-so.patch                    \
   %D%/packages/patches/lua52-liblua-so.patch                    \
diff --git a/gnu/packages/lua.scm b/gnu/packages/lua.scm
index 17874f86ab..a5315342ea 100644
--- a/gnu/packages/lua.scm
+++ b/gnu/packages/lua.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2014 Raimon Grau <raimonster@gmail.com>
 ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2014 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -78,7 +79,8 @@ for configuration, scripting, and rapid prototyping.")
                                  version ".tar.gz"))
              (sha256
               (base32 "0cskd4w0g6rdm2q8q3i4n1h3j8kylhs3rq8mxwl9vwlmlxbgqh16"))
-             (patches (search-patches "lua51-liblua-so.patch"))))))
+             (patches (search-patches "lua51-liblua-so.patch"
+                                      "lua-CVE-2014-5461.patch"))))))
 
 (define-public luajit
   (package
diff --git a/gnu/packages/patches/lua-CVE-2014-5461.patch b/gnu/packages/patches/lua-CVE-2014-5461.patch
new file mode 100644
index 0000000000..bc72ef14ad
--- /dev/null
+++ b/gnu/packages/patches/lua-CVE-2014-5461.patch
@@ -0,0 +1,20 @@
+From: Enrico Tassi <gareuselesinge@debian.org>
+Date: Tue, 26 Aug 2014 16:20:55 +0200
+Subject: Fix stack overflow in vararg functions
+
+---
+ src/ldo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ldo.c b/src/ldo.c
+index d1bf786..30333bf 100644
+--- a/src/ldo.c
++++ b/src/ldo.c
+@@ -274,7 +274,7 @@ int luaD_precall (lua_State *L, StkId func, int nresults) {
+     CallInfo *ci;
+     StkId st, base;
+     Proto *p = cl->p;
+-    luaD_checkstack(L, p->maxstacksize);
++    luaD_checkstack(L, p->maxstacksize + p->numparams);
+     func = restorestack(L, funcr);
+       base = func + 1;