Hello community, here is the log from the commit of package lua53 for openSUSE:Factory checked in at 2020-08-28 23:44:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lua53 (Old) and /work/SRC/openSUSE:Factory/.lua53.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lua53" Fri Aug 28 23:44:24 2020 rev:4 rq:828518 version:5.3.5 Changes: -------- --- /work/SRC/openSUSE:Factory/lua53/lua53.changes 2019-09-05 12:02:14.691943360 +0200 +++ /work/SRC/openSUSE:Factory/.lua53.new.3399/lua53.changes 2020-08-28 23:44:26.071522694 +0200 @@ -1,0 +2,11 @@ +Wed Aug 19 14:03:08 UTC 2020 - Callum Farmer <callumjfarme...@gmail.com> + +- Added upstream-bugs.patch: upstream bug patches + * Patches 2,3,4 +- Added upstream-bugs-backport-lua54.patch: bugs discovered in lua54 + * Patch 10: CVE-2020-24371, boo#1175449 + * Patch 11: CVE-2020-24370, boo#1175448 + * Patch 13 +- Add RISC-V to list of 64-bit architectures + +------------------------------------------------------------------- New: ---- upstream-bugs-backport-lua54.patch upstream-bugs.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lua53.spec ++++++ --- /var/tmp/diff_new_pack.P4PLom/_old 2020-08-28 23:44:28.135521371 +0200 +++ /var/tmp/diff_new_pack.P4PLom/_new 2020-08-28 23:44:28.135521371 +0200 @@ -29,6 +29,10 @@ Source99: baselibs.conf # PATCH-FIX-SUSE tweak the buildsystem to produce what is needed for SUSE Patch0: lua-build-system.patch +# PATCH-FIX-UPSTREAM https://www.lua.org/bugs.html#5.3.5 +Patch1: upstream-bugs.patch +# PATCH-FIX-UPSTREAM https://www.lua.org/bugs.html#5.4.0 +Patch2: upstream-bugs-backport-lua54.patch BuildRequires: libtool BuildRequires: lua-macros BuildRequires: pkgconfig @@ -75,7 +79,7 @@ Summary: The Lua integration library # Compat as libtool changes the soname Group: System/Libraries -%ifarch aarch64 x86_64 ppc64 ppc64le s390x +%ifarch aarch64 x86_64 ppc64 ppc64le s390x riscv64 Provides: liblua.so.5.3()(64bit) %else Provides: liblua.so.5.3 ++++++ upstream-bugs-backport-lua54.patch ++++++ --- a/src/ldebug.c +++ b/src/ldebug.c @@ -133,10 +133,11 @@ static const char *upvalname (Proto *p, int uv) { static const char *findvararg (CallInfo *ci, int n, StkId *pos) { int nparams = clLvalue(ci->func)->p->numparams; - if (n >= cast_int(ci->u.l.base - ci->func) - nparams) + int nvararg = cast_int(ci->u.l.base - ci->func) - nparams; + if (n <= -nvararg) return NULL; /* no such vararg */ else { - *pos = ci->func + nparams + n; + *pos = ci->func + nparams - n; return "(*vararg)"; /* generic name for any vararg */ } } @@ -148,7 +149,7 @@ static const char *findlocal (lua_State *L, CallInfo *ci, int n, StkId base; if (isLua(ci)) { if (n < 0) /* access to vararg values? */ - return findvararg(ci, -n, pos); + return findvararg(ci, n, pos); else { base = ci->u.l.base; name = luaF_getlocalname(ci_func(ci)->p, n, currentpc(ci)); --- a/src/liolib.c +++ b/src/liolib.c @@ -277,6 +277,8 @@ static int io_popen (lua_State *L) { const char *filename = luaL_checkstring(L, 1); const char *mode = luaL_optstring(L, 2, "r"); LStream *p = newprefile(L); + luaL_argcheck(L, ((mode[0] == 'r' || mode[0] == 'w') && mode[1] == '\0'), + 2, "invalid mode"); p->f = l_popen(L, filename, mode); p->closef = &io_pclose; return (p->f == NULL) ? luaL_fileresult(L, 0, filename) : 1; --- a/src/lauxlib.c +++ b/src/lauxlib.c @@ -1013,10 +1013,10 @@ static void *l_alloc (void *ud, void *ptr, size_t osize, size_t nsize) { } else { /* cannot fail when shrinking a block */ void *newptr = realloc(ptr, nsize); - if (newptr == NULL && ptr != NULL && nsize <= osize) - return ptr; /* keep the original block */ - else /* no fail or not shrinking */ - return newptr; /* use the new block */ + if (newptr == NULL && ptr != NULL && nsize <= osize) + return ptr; /* keep the original block */ + else /* no fail or not shrinking */ + return newptr; /* use the new block */ } } --- a/src/lundump.c +++ b/src/lundump.c @@ -86,6 +86,7 @@ static lua_Integer LoadInteger (LoadState *S) { static TString *LoadString (LoadState *S, Proto *p) { + lua_State *L = S->L; size_t size = LoadByte(S); TString *ts; if (size == 0xFF) @@ -95,13 +96,16 @@ static TString *LoadString (LoadState *S, Proto *p) { else if (--size <= LUAI_MAXSHORTLEN) { /* short string? */ char buff[LUAI_MAXSHORTLEN]; LoadVector(S, buff, size); - ts = luaS_newlstr(S->L, buff, size); + ts = luaS_newlstr(L, buff, size); } else { /* long string */ - ts = luaS_createlngstrobj(S->L, size); + ts = luaS_createlngstrobj(L, size); + setsvalue2s(L, L->top, ts); /* anchor it ('loadVector' can GC) */ + luaD_inctop(L); LoadVector(S, getstr(ts), size); /* load directly in final place */ + L->top--; /* pop string */ } - luaC_objbarrier(S->L, p, ts); + luaC_objbarrier(L, p, ts); return ts; } ++++++ upstream-bugs.patch ++++++ --- a/src/lauxlib.c +++ b/src/lauxlib.c @@ -1011,8 +1011,13 @@ static void *l_alloc (void *ud, void *ptr, size_t osize, size_t nsize) { free(ptr); return NULL; } - else - return realloc(ptr, nsize); + else { /* cannot fail when shrinking a block */ + void *newptr = realloc(ptr, nsize); + if (newptr == NULL && ptr != NULL && nsize <= osize) + return ptr; /* keep the original block */ + else /* no fail or not shrinking */ + return newptr; /* use the new block */ + } } --- a/src/llex.c +++ b/src/llex.c @@ -244,12 +244,12 @@ static int read_numeral (LexState *ls, SemInfo *seminfo) { /* -** skip a sequence '[=*[' or ']=*]'; if sequence is well formed, return -** its number of '='s; otherwise, return a negative number (-1 iff there -** are no '='s after initial bracket) +** reads a sequence '[=*[' or ']=*]', leaving the last bracket. +** If sequence is well formed, return its number of '='s + 2; otherwise, +** return 1 if there is no '='s or 0 otherwise (an unfinished '[==...'). */ -static int skip_sep (LexState *ls) { - int count = 0; +static size_t skip_sep (LexState *ls) { + size_t count = 0; int s = ls->current; lua_assert(s == '[' || s == ']'); save_and_next(ls); @@ -257,11 +257,14 @@ static int skip_sep (LexState *ls) { save_and_next(ls); count++; } - return (ls->current == s) ? count : (-count) - 1; + return (ls->current == s) ? count + 2 + : (count == 0) ? 1 + : 0; + } -static void read_long_string (LexState *ls, SemInfo *seminfo, int sep) { +static void read_long_string (LexState *ls, SemInfo *seminfo, size_t sep) { int line = ls->linenumber; /* initial line (for error message) */ save_and_next(ls); /* skip 2nd '[' */ if (currIsNewline(ls)) /* string starts with a newline? */ @@ -295,8 +298,8 @@ static void read_long_string (LexState *ls, SemInfo *seminfo, int sep) { } } endloop: if (seminfo) - seminfo->ts = luaX_newstring(ls, luaZ_buffer(ls->buff) + (2 + sep), - luaZ_bufflen(ls->buff) - 2*(2 + sep)); + seminfo->ts = luaX_newstring(ls, luaZ_buffer(ls->buff) + sep, + luaZ_bufflen(ls->buff) - 2 * sep); } @@ -444,9 +447,9 @@ static int llex (LexState *ls, SemInfo *seminfo) { /* else is a comment */ next(ls); if (ls->current == '[') { /* long comment? */ - int sep = skip_sep(ls); + size_t sep = skip_sep(ls); luaZ_resetbuffer(ls->buff); /* 'skip_sep' may dirty the buffer */ - if (sep >= 0) { + if (sep >= 2) { read_long_string(ls, NULL, sep); /* skip long comment */ luaZ_resetbuffer(ls->buff); /* previous call may dirty the buff. */ break; @@ -458,12 +461,12 @@ static int llex (LexState *ls, SemInfo *seminfo) { break; } case '[': { /* long string or simply '[' */ - int sep = skip_sep(ls); - if (sep >= 0) { + size_t sep = skip_sep(ls); + if (sep >= 2) { read_long_string(ls, seminfo, sep); return TK_STRING; } - else if (sep != -1) /* '[=...' missing second bracket */ + else if (sep == 0) /* '[=...' missing second bracket */ lexerror(ls, "invalid long string delimiter", TK_STRING); return '['; } --- a/src/lparser.c +++ b/src/lparser.c @@ -544,6 +544,7 @@ static void open_func (LexState *ls, FuncState *fs, BlockCnt *bl) { fs->bl = NULL; f = fs->f; f->source = ls->source; + luaC_objbarrier(ls->L, f, f->source); f->maxstacksize = 2; /* registers 0/1 are always valid */ enterblock(fs, bl, 0); } @@ -1616,6 +1617,7 @@ static void mainfunc (LexState *ls, FuncState *fs) { fs->f->is_vararg = 1; /* main function is always declared vararg */ init_exp(&v, VLOCAL, 0); /* create and... */ newupvalue(fs, ls->envn, &v); /* ...set environment upvalue */ + luaC_objbarrier(ls->L, fs->f, ls->envn); luaX_next(ls); /* read first token */ statlist(ls); /* parse main body */ check(ls, TK_EOS); @@ -1634,6 +1636,7 @@ LClosure *luaY_parser (lua_State *L, ZIO *z, Mbuffer *buff, sethvalue(L, L->top, lexstate.h); /* anchor it */ luaD_inctop(L); funcstate.f = cl->p = luaF_newproto(L); + luaC_objbarrier(L, cl, cl->p); funcstate.f->source = luaS_new(L, name); /* create and anchor TString */ lua_assert(iswhite(funcstate.f)); /* do not need barrier here */ lexstate.buff = buff; --- a/src/lundump.c +++ b/src/lundump.c @@ -85,8 +85,9 @@ static lua_Integer LoadInteger (LoadState *S) { } -static TString *LoadString (LoadState *S) { +static TString *LoadString (LoadState *S, Proto *p) { size_t size = LoadByte(S); + TString *ts; if (size == 0xFF) LoadVar(S, size); if (size == 0) @@ -94,13 +95,14 @@ static TString *LoadString (LoadState *S) { else if (--size <= LUAI_MAXSHORTLEN) { /* short string? */ char buff[LUAI_MAXSHORTLEN]; LoadVector(S, buff, size); - return luaS_newlstr(S->L, buff, size); + ts = luaS_newlstr(S->L, buff, size); } else { /* long string */ - TString *ts = luaS_createlngstrobj(S->L, size); + ts = luaS_createlngstrobj(S->L, size); LoadVector(S, getstr(ts), size); /* load directly in final place */ - return ts; } + luaC_objbarrier(S->L, p, ts); + return ts; } @@ -140,7 +142,7 @@ static void LoadConstants (LoadState *S, Proto *f) { break; case LUA_TSHRSTR: case LUA_TLNGSTR: - setsvalue2n(S->L, o, LoadString(S)); + setsvalue2n(S->L, o, LoadString(S, f)); break; default: lua_assert(0); @@ -158,6 +160,7 @@ static void LoadProtos (LoadState *S, Proto *f) { f->p[i] = NULL; for (i = 0; i < n; i++) { f->p[i] = luaF_newproto(S->L); + luaC_objbarrier(S->L, f, f->p[i]); LoadFunction(S, f->p[i], f->source); } } @@ -189,18 +192,18 @@ static void LoadDebug (LoadState *S, Proto *f) { for (i = 0; i < n; i++) f->locvars[i].varname = NULL; for (i = 0; i < n; i++) { - f->locvars[i].varname = LoadString(S); + f->locvars[i].varname = LoadString(S, f); f->locvars[i].startpc = LoadInt(S); f->locvars[i].endpc = LoadInt(S); } n = LoadInt(S); for (i = 0; i < n; i++) - f->upvalues[i].name = LoadString(S); + f->upvalues[i].name = LoadString(S, f); } static void LoadFunction (LoadState *S, Proto *f, TString *psource) { - f->source = LoadString(S); + f->source = LoadString(S, f); if (f->source == NULL) /* no source in dump? */ f->source = psource; /* reuse parent's source */ f->linedefined = LoadInt(S); @@ -271,6 +274,7 @@ LClosure *luaU_undump(lua_State *L, ZIO *Z, const char *name) { setclLvalue(L, L->top, cl); luaD_inctop(L); cl->p = luaF_newproto(L); + luaC_objbarrier(L, cl, cl->p); LoadFunction(&S, cl->p, NULL); lua_assert(cl->nupvalues == cl->p->sizeupvalues); luai_verifycode(L, buff, cl->p); --- a/src/lapi.c +++ b/src/lapi.c @@ -1254,13 +1254,12 @@ LUA_API const char *lua_setupvalue (lua_State *L, int funcindex, int n) { } -static UpVal **getupvalref (lua_State *L, int fidx, int n, LClosure **pf) { +static UpVal **getupvalref (lua_State *L, int fidx, int n) { LClosure *f; StkId fi = index2addr(L, fidx); api_check(L, ttisLclosure(fi), "Lua function expected"); f = clLvalue(fi); api_check(L, (1 <= n && n <= f->p->sizeupvalues), "invalid upvalue index"); - if (pf) *pf = f; return &f->upvals[n - 1]; /* get its upvalue pointer */ } @@ -1269,7 +1268,7 @@ LUA_API void *lua_upvalueid (lua_State *L, int fidx, int n) { StkId fi = index2addr(L, fidx); switch (ttype(fi)) { case LUA_TLCL: { /* lua closure */ - return *getupvalref(L, fidx, n, NULL); + return *getupvalref(L, fidx, n); } case LUA_TCCL: { /* C closure */ CClosure *f = clCvalue(fi); @@ -1286,9 +1285,10 @@ LUA_API void *lua_upvalueid (lua_State *L, int fidx, int n) { LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1, int fidx2, int n2) { - LClosure *f1; - UpVal **up1 = getupvalref(L, fidx1, n1, &f1); - UpVal **up2 = getupvalref(L, fidx2, n2, NULL); + UpVal **up1 = getupvalref(L, fidx1, n1); + UpVal **up2 = getupvalref(L, fidx2, n2); + if (*up1 == *up2) + return; luaC_upvdeccount(L, *up1); *up1 = *up2; (*up1)->refcount++; @@ -1289,6 +1289,8 @@ LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1, LClosure *f1; UpVal **up1 = getupvalref(L, fidx1, n1, &f1); UpVal **up2 = getupvalref(L, fidx2, n2, NULL); + if (*up1 == *up2) + return; luaC_upvdeccount(L, *up1); *up1 = *up2; (*up1)->refcount++; --- a/Makefile +++ b/Makefile @@ -49 +49 @@ -R= $V.4 +R= $V.5
