lua

A copy of the Lua development repository
Log | Files | Refs | README

commit 994a37c8e88d090421afb7ca639f01f868708452
parent 0ff1596476f7e3f65cd5505d148d43baf58fbaac
Author: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date:   Fri, 29 Aug 2003 13:49:40 -0300

IBM AS400 (OS400) has sizeof(void *)==16, and a `%p' may generate
up to 60 characters in a `printf'. That causes a buffer overflow in
`tostring'..

Diffstat:
Mbugs | 28++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/bugs b/bugs @@ -445,13 +445,13 @@ for i=1,10000000 do end ]], patch = [[ -*lgc.h: +* lgc.h: 18c18 < void luaC_separateudata (lua_State *L); --- > size_t luaC_separateudata (lua_State *L); -*lgc.c: +* lgc.c: 113c113,114 < void luaC_separateudata (lua_State *L) { --- @@ -489,4 +489,28 @@ patch = [[ --- > checkSizes(L, deadmem); ]] +} + +Bug{ +what=[[IBM AS400 (OS400) has sizeof(void *)==16, and a `%p' may generate +up to 60 characters in a `printf'. That causes a buffer overflow in +`tostring'.]], +report = [[David Burgess, 25/08/2003]], + +example = [[print{}; (in an AS400 machine)]], + +patch = [[ +* liolib.c: +178c178 +< char buff[32]; +--- +> char buff[128]; + +* lbaselib.c: +327c327 +< char buff[64]; +--- +> char buff[128]; +]] +}