lua

commit 38cc7d40a4bcb89314d212fdffd2ca8deebc3cb7
parent bc970005ce2e258e29a5c315ea4e49f76a66586e
Author: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date:   Mon, 15 Feb 2021 10:37:42 -0300

Bug: cannot allow the call 'debug.getinfo(0, ">")'

A 'what' argument starting with '>' indicates that there is a function
in the C stack, which won't be there if the first argument is not a
function.

Diffstat:
M
ldblib.c
 | 
1
+
M
testes/db.lua
 | 
1
+

2 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/ldblib.c b/ldblib.c
@@ -152,6 +152,7 @@ static int db_getinfo (lua_State *L) {
   lua_State *L1 = getthread(L, &arg);
   const char *options = luaL_optstring(L, arg+2, "flnSrtu");
   checkstack(L, L1, 3);
+  luaL_argcheck(L, options[0] != '>', arg + 2, "invalid option '>'");
   if (lua_isfunction(L, arg + 1)) {  /* info about a function? */
     options = lua_pushfstring(L, ">%s", options);  /* add '>' to 'options' */
     lua_pushvalue(L, arg + 1);  /* move function to 'L1' stack */
diff --git a/testes/db.lua b/testes/db.lua
@@ -31,6 +31,7 @@ end
 
 do
   assert(not pcall(debug.getinfo, print, "X"))   -- invalid option
+  assert(not pcall(debug.getinfo, 0, ">"))   -- invalid option
   assert(not debug.getinfo(1000))   -- out of range level
   assert(not debug.getinfo(-1))     -- out of range level
   local a = debug.getinfo(print)