Commit Graph

124 Commits

Author SHA1 Message Date
Roberto Ierusalimschy
6347004be9 stack overflow in vararg functions + garbage collector in recursive loops 2013-05-02 13:13:27 -03:00
Roberto Ierusalimschy
ad56721948 details (5.2 corrected to 5.2.0) 2013-02-07 13:57:47 -02:00
Roberto Ierusalimschy
65e31fb179 Bug: load/loadfile returns wrong result when given an environment
for a binary chunk with no upvalues
2012-12-03 18:18:02 -02:00
Roberto Ierusalimschy
adaba04059 'pcall' may not restore previous error function when
inside coroutines + Check for garbage collector in function calls
does not cover all paths
2012-10-01 11:05:31 -03:00
Roberto Ierusalimschy
2038073975 more regularity for field 'fix' 2012-09-11 09:42:14 -03:00
Roberto Ierusalimschy
763f84c84c Some patterns can overflow the C stack, due to recursion. 2012-07-13 11:53:38 -03:00
Roberto Ierusalimschy
78d9865900 bugs: Internal Lua values may escape through the debug API +
Problems when yielding from debug hooks
2012-06-11 14:49:37 -03:00
Roberto Ierusalimschy
4ec7d6de95 bug: wrong handling of 'nCcalls' in coroutines 2012-05-11 11:10:28 -03:00
Roberto Ierusalimschy
1485ea2ee7 Finalizers may call functions from a dynamic library after
the library has been unloaded
2012-04-12 13:25:25 -03:00
Roberto Ierusalimschy
81ed85ecfb BUG: memory hoarding when creating Lua hooks for coroutines
BUG: Lexical gets confused with some combination of arithmetic
operators and hexadecimal numbers
2012-01-20 16:32:13 -02:00
Roberto Ierusalimschy
1dd8af67b6 BUG: parser may collect a prototype while building it. 2011-10-21 17:34:23 -02:00
Roberto Ierusalimschy
8a008a2057 bug: __newindex metamethod may not work if metatable is its own
metatable.
2011-08-17 17:38:51 -03:00
Roberto Ierusalimschy
a7faa557fa bug: problem with optimizations of short-circuit logic 2011-01-31 12:52:32 -02:00
Roberto Ierusalimschy
e99e9a9473 patches for last two bugs (string.format and io.read) 2010-05-14 12:34:57 -03:00
Roberto Ierusalimschy
9d28e2b3e5 bug with io.read(op, "*n") 2010-04-19 15:04:58 -03:00
Roberto Ierusalimschy
8003e9544d 'string.format' may get buffer as an argument when there are
missing arguments and format string is too long
2010-04-19 13:39:25 -03:00
Roberto Ierusalimschy
9a6d9ea57a GC may get stuck during a parser and avoids proper resizing of the
string table, making its lists grow too much and degrading performance.
2009-11-23 12:59:30 -02:00
Roberto Ierusalimschy
95cbc402dc "But" -> "Bug" (misspelling) 2009-08-05 10:09:38 -03:00
Roberto Ierusalimschy
decada8dc2 'debug.getfenv' does not check whether it has an argument 2009-08-04 15:51:19 -03:00
Roberto Ierusalimschy
0c258c8492 smart use of varargs may create functions that return too
many arguments and overflow the stack of C functions.
2009-07-02 16:57:34 -03:00
Roberto Ierusalimschy
d57c9cdefc BUG: 'luaV_settable' may invalidate a reference to a table and try
to reuse it.
2009-07-01 18:10:33 -03:00
Roberto Ierusalimschy
49b88b1c39 patch for wrong code generation for some particular boolean expressions 2009-06-15 11:12:59 -03:00
Roberto Ierusalimschy
58c3aa8b5f malicious zero-length string in binary code may segfault Lua +
wrong code generation for some particular boolean expressions
2009-04-27 17:11:11 -03:00
Roberto Ierusalimschy
ccd678ea3e 'module' may change the environment of a C function +
internal macro 'svalue' is wrong
2008-08-06 10:32:45 -03:00
Roberto Ierusalimschy
6955666290 'string.byte' gets confused with some out-of-range negative indices +
user-requested GC step may loop forever
2008-07-11 14:27:41 -03:00
Roberto Ierusalimschy
a3af42de8e patch for "blow stack" bug 2008-05-08 13:55:08 -03:00
Roberto Ierusalimschy
2b84e36b93 patches for some bugs 2008-04-04 22:31:59 -03:00
Roberto Ierusalimschy
e64b0cada8 several bugs related to precompiled code 2008-04-01 16:17:48 -03:00
Roberto Ierusalimschy
32d42bdcdc bugs: lua_checkstack may have arithmetic overflow for large 'size' +
unpack with maximum indices may crash due to arithmetic overflow
2008-02-14 14:51:57 -02:00
Roberto Ierusalimschy
f6cab9666c corrected name of 'Patrick Donnelly' 2008-02-12 14:42:46 -02:00
Roberto Ierusalimschy
3b5b14a085 LUAI_MAXCSTACK must be smaller than -LUA_REGISTRYINDEX +
coroutine.resume pushes element without ensuring stack size
2008-02-11 17:18:21 -02:00
Roberto Ierusalimschy
3a515df086 debug.sethook/gethook may overflow the thread's stack 2008-01-21 12:41:19 -02:00
Roberto Ierusalimschy
fdecdd0cec stand-alone interpreter shows incorrect error message when the
'message' is a coroutine (already fixed in 5.2)
2007-12-27 10:58:29 -02:00
Roberto Ierusalimschy
abcc124df0 BUG: lua_setfenv may crash if called over an invalid object 2007-11-28 16:27:38 -02:00
Roberto Ierusalimschy
9f0d62ad9f BUG: table.remove removes last element of a table when given
an out-of-bound index
2007-11-26 14:57:33 -02:00
Roberto Ierusalimschy
c06cc60946 BUG: 'gsub' may go wild when wrongly called without its third
> argument and with a large subject.
2007-10-29 13:51:10 -02:00
Roberto Ierusalimschy
8acaa2ce07 An error in a module loaded through the '-l' option
shows no traceback.
2007-09-05 14:18:27 -03:00
Roberto Ierusalimschy
ec68ed66ed detail 2007-08-01 09:17:29 -03:00
Roberto Ierusalimschy
f6a81dbe97 BUG: too many variables in an assignment may cause a C stack overflow 2007-07-31 16:39:52 -03:00
Roberto Ierusalimschy
dc59444cd1 strong collision for very small numbers used as table keys 2007-06-19 17:23:29 -03:00
Roberto Ierusalimschy
18a583306b patch may be a little simpler 2007-05-29 16:05:25 -03:00
Roberto Ierusalimschy
fc8d077612 bug: wrong error message in some concatenations 2007-05-29 15:59:59 -03:00
Roberto Ierusalimschy
e64fcb9d94 bug: recursive coroutines may overflow C stack 2007-05-25 14:13:47 -03:00
Roberto Ierusalimschy
6c0a9a272e assignment of nil to parameter may be optimized away
__concat metamethod converts numbers to strings
loadlib.c should not access Lua internals
code generated for "-nil", "-true", and "-false" is wrong
Count hook may be called without being set
2007-05-16 12:39:08 -03:00
Roberto Ierusalimschy
60bc151ed7 patch for last bug 2007-03-09 15:51:32 -03:00
Roberto Ierusalimschy
3bf0292cd5 two new bugs + one new patch 2007-02-09 10:39:52 -02:00
Roberto Ierusalimschy
d513c3c66b bug: os.date throws error when result is the empty string 2006-09-19 10:57:08 -03:00
Roberto Ierusalimschy
93d3c8450c bug: string.format("%") reads past the string 2006-09-18 13:33:14 -03:00
Roberto Ierusalimschy
ca7e5b5cb6 wrong message error in some cases involving closures 2006-08-07 16:04:06 -03:00
Roberto Ierusalimschy
3fa47c5dc1 bugs now are against 5.1.1 2006-07-13 11:37:36 -03:00