commit 38cc7d40a4bcb89314d212fdffd2ca8deebc3cb7
parent bc970005ce2e258e29a5c315ea4e49f76a66586e
Author: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Mon, 15 Feb 2021 10:37:42 -0300
Bug: cannot allow the call 'debug.getinfo(0, ">")'
A 'what' argument starting with '>' indicates that there is a function
in the C stack, which won't be there if the first argument is not a
function.
Diffstat:
2 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/ldblib.c b/ldblib.c
@@ -152,6 +152,7 @@ static int db_getinfo (lua_State *L) {
lua_State *L1 = getthread(L, &arg);
const char *options = luaL_optstring(L, arg+2, "flnSrtu");
checkstack(L, L1, 3);
+ luaL_argcheck(L, options[0] != '>', arg + 2, "invalid option '>'");
if (lua_isfunction(L, arg + 1)) { /* info about a function? */
options = lua_pushfstring(L, ">%s", options); /* add '>' to 'options' */
lua_pushvalue(L, arg + 1); /* move function to 'L1' stack */
diff --git a/testes/db.lua b/testes/db.lua
@@ -31,6 +31,7 @@ end
do
assert(not pcall(debug.getinfo, print, "X")) -- invalid option
+ assert(not pcall(debug.getinfo, 0, ">")) -- invalid option
assert(not debug.getinfo(1000)) -- out of range level
assert(not debug.getinfo(-1)) -- out of range level
local a = debug.getinfo(print)