commit 842a83f09caa2ebd4bc03e0076420148ac07c808
parent 7923dbbf72da303ca1cca17efd24725668992f15
Author: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Fri, 24 Nov 2023 16:08:28 -0300
Panic functions should not raise errors
The standard panic function was using 'lua_tostring', which may raise
a memory-allocation error if error value is a number.
Diffstat:
3 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/lauxlib.c b/lauxlib.c
@@ -1025,9 +1025,14 @@ static void *l_alloc (void *ud, void *ptr, size_t osize, size_t nsize) {
}
+/*
+** Standard panic funcion just prints an error message. The test
+** with 'lua_type' avoids possible memory errors in 'lua_tostring'.
+*/
static int panic (lua_State *L) {
- const char *msg = lua_tostring(L, -1);
- if (msg == NULL) msg = "error object is not a string";
+ const char *msg = (lua_type(L, -1) == LUA_TSTRING)
+ ? lua_tostring(L, -1)
+ : "error object is not a string";
lua_writestringerror("PANIC: unprotected error in call to Lua API (%s)\n",
msg);
return 0; /* return to Lua to abort */
diff --git a/ltests.c b/ltests.c
@@ -73,8 +73,9 @@ static void badexit (const char *fmt, const char *s1, const char *s2) {
static int tpanic (lua_State *L) {
- const char *msg = lua_tostring(L, -1);
- if (msg == NULL) msg = "error object is not a string";
+ const char *msg = (lua_type(L, -1) == LUA_TSTRING)
+ ? lua_tostring(L, -1)
+ : "error object is not a string";
return (badexit("PANIC: unprotected error in call to Lua API (%s)\n",
msg, NULL),
0); /* do not return to Lua */
diff --git a/manual/manual.of b/manual/manual.of
@@ -4486,6 +4486,10 @@ This string always has a zero (@Char{\0})
after its last character (as @N{in C}),
but can contain other zeros in its body.
+This function can raise memory errors only
+when converting a number to a string
+(as then it has to create a new string).
+
}
@APIEntry{lua_Number lua_tonumber (lua_State *L, int index);|
