CVS commit: src/external/mit/lua/dist/src

Thu, 12 Dec 2019 04:35:54 -0800 

Module Name:    src
Committed By:   mbalmer
Date:           Thu Dec 12 12:35:44 UTC 2019

Modified Files:
        src/external/mit/lua/dist/src: lapi.c

Log Message:
Apply a fix for the bug "Joining an upvalue with itself can cause a use-after
free", documented on http://www.lua.org/bugs.html


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/external/mit/lua/dist/src/lapi.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/external/mit/lua/dist/src/lapi.c
diff -u src/external/mit/lua/dist/src/lapi.c:1.11 src/external/mit/lua/dist/src/lapi.c:1.12
--- src/external/mit/lua/dist/src/lapi.c:1.11	Sat Aug  4 17:30:01 2018
+++ src/external/mit/lua/dist/src/lapi.c	Thu Dec 12 12:35:43 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: lapi.c,v 1.11 2018/08/04 17:30:01 alnsn Exp $	*/
+/*	$NetBSD: lapi.c,v 1.12 2019/12/12 12:35:43 mbalmer Exp $	*/
 
 /*
 ** Id: lapi.c,v 2.259.1.2 2017/12/06 18:35:12 roberto Exp 
@@ -1297,6 +1297,8 @@ LUA_API void lua_upvaluejoin (lua_State 
   LClosure *f1;
   UpVal **up1 = getupvalref(L, fidx1, n1, &f1);
   UpVal **up2 = getupvalref(L, fidx2, n2, NULL);
+  if (*up1 == *up2)
+    return;
   luaC_upvdeccount(L, *up1);
   *up1 = *up2;
   (*up1)->refcount++;

Reply via email to