LUA: Fix CVE-2014-5461

Apply the fix from upstream.

http://www.lua.org/bugs.html#5.2.2-1
https://www.opencve.io/cve/CVE-2014-5461

It should be noted that exploiting this requires the `SYS_CONFIG`
privilege, and anyone with that privilege likely has other opportunities
to do exploits, so it is unlikely that bad actors could exploit this
unless system administrators are executing untrusted ZFS Channel
Programs.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13949
This commit is contained in:
Richard Yao 2022-09-27 19:44:13 -04:00 committed by GitHub
parent fdc2d30371
commit 31b4e008f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -405,7 +405,7 @@ int luaD_precall (lua_State *L, StkId func, int nresults) {
StkId base; StkId base;
Proto *p = clLvalue(func)->p; Proto *p = clLvalue(func)->p;
n = cast_int(L->top - func) - 1; /* number of real arguments */ n = cast_int(L->top - func) - 1; /* number of real arguments */
luaD_checkstack(L, p->maxstacksize); luaD_checkstack(L, p->maxstacksize + p->numparams);
for (; n < p->numparams; n++) for (; n < p->numparams; n++)
setnilvalue(L->top++); /* complete missing arguments */ setnilvalue(L->top++); /* complete missing arguments */
if (!p->is_vararg) { if (!p->is_vararg) {