Commit Graph

111 Commits

Author SHA1 Message Date
Roberto Ierusalimschy
e99e9a9473 patches for last two bugs (string.format and io.read) 2010-05-14 12:34:57 -03:00
Roberto Ierusalimschy
9d28e2b3e5 bug with io.read(op, "*n") 2010-04-19 15:04:58 -03:00
Roberto Ierusalimschy
8003e9544d 'string.format' may get buffer as an argument when there are
missing arguments and format string is too long
2010-04-19 13:39:25 -03:00
Roberto Ierusalimschy
9a6d9ea57a GC may get stuck during a parser and avoids proper resizing of the
string table, making its lists grow too much and degrading performance.
2009-11-23 12:59:30 -02:00
Roberto Ierusalimschy
95cbc402dc "But" -> "Bug" (misspelling) 2009-08-05 10:09:38 -03:00
Roberto Ierusalimschy
decada8dc2 'debug.getfenv' does not check whether it has an argument 2009-08-04 15:51:19 -03:00
Roberto Ierusalimschy
0c258c8492 smart use of varargs may create functions that return too
many arguments and overflow the stack of C functions.
2009-07-02 16:57:34 -03:00
Roberto Ierusalimschy
d57c9cdefc BUG: 'luaV_settable' may invalidate a reference to a table and try
to reuse it.
2009-07-01 18:10:33 -03:00
Roberto Ierusalimschy
49b88b1c39 patch for wrong code generation for some particular boolean expressions 2009-06-15 11:12:59 -03:00
Roberto Ierusalimschy
58c3aa8b5f malicious zero-length string in binary code may segfault Lua +
wrong code generation for some particular boolean expressions
2009-04-27 17:11:11 -03:00
Roberto Ierusalimschy
ccd678ea3e 'module' may change the environment of a C function +
internal macro 'svalue' is wrong
2008-08-06 10:32:45 -03:00
Roberto Ierusalimschy
6955666290 'string.byte' gets confused with some out-of-range negative indices +
user-requested GC step may loop forever
2008-07-11 14:27:41 -03:00
Roberto Ierusalimschy
a3af42de8e patch for "blow stack" bug 2008-05-08 13:55:08 -03:00
Roberto Ierusalimschy
2b84e36b93 patches for some bugs 2008-04-04 22:31:59 -03:00
Roberto Ierusalimschy
e64b0cada8 several bugs related to precompiled code 2008-04-01 16:17:48 -03:00
Roberto Ierusalimschy
32d42bdcdc bugs: lua_checkstack may have arithmetic overflow for large 'size' +
unpack with maximum indices may crash due to arithmetic overflow
2008-02-14 14:51:57 -02:00
Roberto Ierusalimschy
f6cab9666c corrected name of 'Patrick Donnelly' 2008-02-12 14:42:46 -02:00
Roberto Ierusalimschy
3b5b14a085 LUAI_MAXCSTACK must be smaller than -LUA_REGISTRYINDEX +
coroutine.resume pushes element without ensuring stack size
2008-02-11 17:18:21 -02:00
Roberto Ierusalimschy
3a515df086 debug.sethook/gethook may overflow the thread's stack 2008-01-21 12:41:19 -02:00
Roberto Ierusalimschy
fdecdd0cec stand-alone interpreter shows incorrect error message when the
'message' is a coroutine (already fixed in 5.2)
2007-12-27 10:58:29 -02:00
Roberto Ierusalimschy
abcc124df0 BUG: lua_setfenv may crash if called over an invalid object 2007-11-28 16:27:38 -02:00
Roberto Ierusalimschy
9f0d62ad9f BUG: table.remove removes last element of a table when given
an out-of-bound index
2007-11-26 14:57:33 -02:00
Roberto Ierusalimschy
c06cc60946 BUG: 'gsub' may go wild when wrongly called without its third
> argument and with a large subject.
2007-10-29 13:51:10 -02:00
Roberto Ierusalimschy
8acaa2ce07 An error in a module loaded through the '-l' option
shows no traceback.
2007-09-05 14:18:27 -03:00
Roberto Ierusalimschy
ec68ed66ed detail 2007-08-01 09:17:29 -03:00
Roberto Ierusalimschy
f6a81dbe97 BUG: too many variables in an assignment may cause a C stack overflow 2007-07-31 16:39:52 -03:00
Roberto Ierusalimschy
dc59444cd1 strong collision for very small numbers used as table keys 2007-06-19 17:23:29 -03:00
Roberto Ierusalimschy
18a583306b patch may be a little simpler 2007-05-29 16:05:25 -03:00
Roberto Ierusalimschy
fc8d077612 bug: wrong error message in some concatenations 2007-05-29 15:59:59 -03:00
Roberto Ierusalimschy
e64fcb9d94 bug: recursive coroutines may overflow C stack 2007-05-25 14:13:47 -03:00
Roberto Ierusalimschy
6c0a9a272e assignment of nil to parameter may be optimized away
__concat metamethod converts numbers to strings
loadlib.c should not access Lua internals
code generated for "-nil", "-true", and "-false" is wrong
Count hook may be called without being set
2007-05-16 12:39:08 -03:00
Roberto Ierusalimschy
60bc151ed7 patch for last bug 2007-03-09 15:51:32 -03:00
Roberto Ierusalimschy
3bf0292cd5 two new bugs + one new patch 2007-02-09 10:39:52 -02:00
Roberto Ierusalimschy
d513c3c66b bug: os.date throws error when result is the empty string 2006-09-19 10:57:08 -03:00
Roberto Ierusalimschy
93d3c8450c bug: string.format("%") reads past the string 2006-09-18 13:33:14 -03:00
Roberto Ierusalimschy
ca7e5b5cb6 wrong message error in some cases involving closures 2006-08-07 16:04:06 -03:00
Roberto Ierusalimschy
3fa47c5dc1 bugs now are against 5.1.1 2006-07-13 11:37:36 -03:00
Roberto Ierusalimschy
0782416a74 bug: wrong limit for list constructors 2006-07-12 16:02:50 -03:00
Roberto Ierusalimschy
a62fca1ebb BUG: debug hooks may get wrong when mixed with coroutines 2006-06-05 16:36:45 -03:00
Roberto Ierusalimschy
ad0765b4f0 subtle problem with the garbage collector 2006-05-24 11:33:49 -03:00
Roberto Ierusalimschy
18330b6091 lua_dostring/lua_dofile should return any values returned by the chunk 2006-04-12 17:31:15 -03:00
Roberto Ierusalimschy
8487913697 BUG: option '%q' for string.format does not handle '\r' correctly 2006-04-12 17:13:52 -03:00
Roberto Ierusalimschy
0238a0b01e BUG: luaL_checkudata may show wrong error message 2006-03-21 16:31:09 -03:00
Roberto Ierusalimschy
1ae0b6c0bf BUG: should copy the union, not (some of) its fields 2006-03-21 16:28:49 -03:00
Roberto Ierusalimschy
2c8206d448 bug in Lua 4.0.2: weak tables that survive one collection are never collected 2006-03-20 09:49:30 -03:00
Roberto Ierusalimschy
6bfef60e77 bug: rawset/rawget do not ignore extra arguments 2005-03-11 12:51:08 -03:00
Roberto Ierusalimschy
0e60572606 values holded in open upvalues of suspended threads may be
incorrectly collected
2005-01-19 15:03:47 -02:00
Roberto Ierusalimschy
cfd7bc478f better patch for buffer overflow error 2004-11-03 10:22:39 -02:00
Roberto Ierusalimschy
271e05917f bug: lua_getupvalue and setupvalue do not check for index too small. 2004-08-17 14:45:45 -03:00
Roberto Ierusalimschy
9b854e6dbc BUG: string concatenation may cause arithmetic overflow, leading
to a buffer overflow.
2004-06-08 13:23:58 -03:00