mirrors/lua
0
0
Fork 0
mirror of https://github.com/lua/lua.git synced 2024-11-24 10:43:44 +08:00
Code Issues Packages Projects Releases Wiki Activity
4,820 Commits 4 Branches 53 Tags 18 MiB
49dfaf7447
Commit Graph

161 Commits

Author SHA1 Message Date
Roberto Ierusalimschy
e99e9a9473 patches for last two bugs (string.format and io.read) 2010-05-14 12:34:57 -03:00
Roberto Ierusalimschy
9d28e2b3e5 bug with io.read(op, "*n") 2010-04-19 15:04:58 -03:00
Roberto Ierusalimschy
8003e9544d 'string.format' may get buffer as an argument when there are 
missing arguments and format string is too long
 2010-04-19 13:39:25 -03:00
Roberto Ierusalimschy
9a6d9ea57a GC may get stuck during a parser and avoids proper resizing of the 
string table, making its lists grow too much and degrading performance.
 2009-11-23 12:59:30 -02:00
Roberto Ierusalimschy
95cbc402dc "But" -> "Bug" (misspelling) 2009-08-05 10:09:38 -03:00
Roberto Ierusalimschy
decada8dc2 'debug.getfenv' does not check whether it has an argument 2009-08-04 15:51:19 -03:00
Roberto Ierusalimschy
0c258c8492 smart use of varargs may create functions that return too 
many arguments and overflow the stack of C functions.
 2009-07-02 16:57:34 -03:00
Roberto Ierusalimschy
d57c9cdefc BUG: 'luaV_settable' may invalidate a reference to a table and try 
to reuse it.
 2009-07-01 18:10:33 -03:00
Roberto Ierusalimschy
49b88b1c39 patch for wrong code generation for some particular boolean expressions 2009-06-15 11:12:59 -03:00
Roberto Ierusalimschy
58c3aa8b5f malicious zero-length string in binary code may segfault Lua + 
wrong code generation for some particular boolean expressions
 2009-04-27 17:11:11 -03:00
Roberto Ierusalimschy
ccd678ea3e 'module' may change the environment of a C function + 
internal macro 'svalue' is wrong
 2008-08-06 10:32:45 -03:00
Roberto Ierusalimschy
6955666290 'string.byte' gets confused with some out-of-range negative indices + 
user-requested GC step may loop forever
 2008-07-11 14:27:41 -03:00
Roberto Ierusalimschy
a3af42de8e patch for "blow stack" bug 2008-05-08 13:55:08 -03:00
Roberto Ierusalimschy
2b84e36b93 patches for some bugs 2008-04-04 22:31:59 -03:00
Roberto Ierusalimschy
e64b0cada8 several bugs related to precompiled code 2008-04-01 16:17:48 -03:00
Roberto Ierusalimschy
32d42bdcdc bugs: lua_checkstack may have arithmetic overflow for large 'size' + 
unpack with maximum indices may crash due to arithmetic overflow
 2008-02-14 14:51:57 -02:00
Roberto Ierusalimschy
f6cab9666c corrected name of 'Patrick Donnelly' 2008-02-12 14:42:46 -02:00
Roberto Ierusalimschy
3b5b14a085 LUAI_MAXCSTACK must be smaller than -LUA_REGISTRYINDEX + 
coroutine.resume pushes element without ensuring stack size
 2008-02-11 17:18:21 -02:00
Roberto Ierusalimschy
3a515df086 debug.sethook/gethook may overflow the thread's stack 2008-01-21 12:41:19 -02:00
Roberto Ierusalimschy
fdecdd0cec stand-alone interpreter shows incorrect error message when the 
'message' is a coroutine (already fixed in 5.2)
 2007-12-27 10:58:29 -02:00
Roberto Ierusalimschy
abcc124df0 BUG: lua_setfenv may crash if called over an invalid object 2007-11-28 16:27:38 -02:00
Roberto Ierusalimschy
9f0d62ad9f BUG: table.remove removes last element of a table when given 
an out-of-bound index
 2007-11-26 14:57:33 -02:00
Roberto Ierusalimschy
c06cc60946 BUG: 'gsub' may go wild when wrongly called without its third 
> argument and with a large subject.
 2007-10-29 13:51:10 -02:00
Roberto Ierusalimschy
8acaa2ce07 An error in a module loaded through the '-l' option 
shows no traceback.
 2007-09-05 14:18:27 -03:00
Roberto Ierusalimschy
ec68ed66ed detail 2007-08-01 09:17:29 -03:00
Roberto Ierusalimschy
f6a81dbe97 BUG: too many variables in an assignment may cause a C stack overflow 2007-07-31 16:39:52 -03:00
Roberto Ierusalimschy
dc59444cd1 strong collision for very small numbers used as table keys 2007-06-19 17:23:29 -03:00
Roberto Ierusalimschy
18a583306b patch may be a little simpler 2007-05-29 16:05:25 -03:00
Roberto Ierusalimschy
fc8d077612 bug: wrong error message in some concatenations 2007-05-29 15:59:59 -03:00
Roberto Ierusalimschy
e64fcb9d94 bug: recursive coroutines may overflow C stack 2007-05-25 14:13:47 -03:00
Roberto Ierusalimschy
6c0a9a272e assignment of nil to parameter may be optimized away 
__concat metamethod converts numbers to strings
loadlib.c should not access Lua internals
code generated for "-nil", "-true", and "-false" is wrong
Count hook may be called without being set
 2007-05-16 12:39:08 -03:00
Roberto Ierusalimschy
60bc151ed7 patch for last bug 2007-03-09 15:51:32 -03:00
Roberto Ierusalimschy
3bf0292cd5 two new bugs + one new patch 2007-02-09 10:39:52 -02:00
Roberto Ierusalimschy
d513c3c66b bug: os.date throws error when result is the empty string 2006-09-19 10:57:08 -03:00
Roberto Ierusalimschy
93d3c8450c bug: string.format("%") reads past the string 2006-09-18 13:33:14 -03:00
Roberto Ierusalimschy
ca7e5b5cb6 wrong message error in some cases involving closures 2006-08-07 16:04:06 -03:00
Roberto Ierusalimschy
3fa47c5dc1 bugs now are against 5.1.1 2006-07-13 11:37:36 -03:00
Roberto Ierusalimschy
0782416a74 bug: wrong limit for list constructors 2006-07-12 16:02:50 -03:00
Roberto Ierusalimschy
a62fca1ebb BUG: debug hooks may get wrong when mixed with coroutines 2006-06-05 16:36:45 -03:00
Roberto Ierusalimschy
ad0765b4f0 subtle problem with the garbage collector 2006-05-24 11:33:49 -03:00
Roberto Ierusalimschy
18330b6091 lua_dostring/lua_dofile should return any values returned by the chunk 2006-04-12 17:31:15 -03:00
Roberto Ierusalimschy
8487913697 BUG: option '%q' for string.format does not handle '\r' correctly 2006-04-12 17:13:52 -03:00
Roberto Ierusalimschy
0238a0b01e BUG: luaL_checkudata may show wrong error message 2006-03-21 16:31:09 -03:00
Roberto Ierusalimschy
1ae0b6c0bf BUG: should copy the union, not (some of) its fields 2006-03-21 16:28:49 -03:00
Roberto Ierusalimschy
2c8206d448 bug in Lua 4.0.2: weak tables that survive one collection are never collected 2006-03-20 09:49:30 -03:00
Roberto Ierusalimschy
6bfef60e77 bug: rawset/rawget do not ignore extra arguments 2005-03-11 12:51:08 -03:00
Roberto Ierusalimschy
0e60572606 values holded in open upvalues of suspended threads may be 
incorrectly collected
 2005-01-19 15:03:47 -02:00
Roberto Ierusalimschy
cfd7bc478f better patch for buffer overflow error 2004-11-03 10:22:39 -02:00
Roberto Ierusalimschy
271e05917f bug: lua_getupvalue and setupvalue do not check for index too small. 2004-08-17 14:45:45 -03:00
Roberto Ierusalimschy
9b854e6dbc BUG: string concatenation may cause arithmetic overflow, leading 
to a buffer overflow.
 2004-06-08 13:23:58 -03:00
Roberto Ierusalimschy
8e1f25e3f8 bug in `dofile' 2004-03-15 18:09:55 -03:00
Roberto Ierusalimschy
a41d60e1d1 debugger can only see `local function' after it has a meaningful value 2003-10-09 14:56:23 -03:00
Roberto Ierusalimschy
21947deddc new bug + correction in path for coroutine bug 2003-10-07 09:34:21 -03:00
Roberto Ierusalimschy
5d4bf35ec9 bug: syntax `local function' does not increment stack size 2003-09-29 13:41:35 -03:00
Roberto Ierusalimschy
994a37c8e8 IBM AS400 (OS400) has sizeof(void *)==16, and a `%p' may generate 
up to 60 characters in a `printf'. That causes a buffer overflow in
`tostring'..
 2003-08-29 13:50:02 -03:00
Roberto Ierusalimschy
d66198719d several bugs for Lua 5.0 + new format for bug entries 2003-07-29 16:27:46 -03:00
Roberto Ierusalimschy
b518d14071 bug: zio mixes a 255 as first char in a buffer with EOZ 2003-03-20 13:00:56 -03:00
Roberto Ierusalimschy
69dd9461e5 bug: GC metamethod calls could mess C/Lua stack syncronization 2003-02-28 16:45:15 -03:00
Roberto Ierusalimschy
feb724c122 ULONG_MAX>>10 may not fit into an int (old bug) 2003-02-21 16:00:14 -03:00
Roberto Ierusalimschy
e44e579dc1 bug: luaD_protectedparser must protect its garbage collection too 2003-01-23 09:31:38 -02:00
Roberto Ierusalimschy
75f73172c4 bug: `resume' was checking the wrong value for stack overflow 2002-12-20 07:55:56 -02:00
Roberto Ierusalimschy
cc4a22ebe2 bug: scope of generic for variables is not sound 2002-12-06 15:09:00 -02:00
Roberto Ierusalimschy
beeff4ccaf GC metamethod stored in a weak metatable being collected together with 
userdata may not be cleared properly
 2002-08-30 16:08:30 -03:00
Roberto Ierusalimschy
6de93e2932 two new bugs in 4.0 :-( (both were already corrected in 5.0 :-) 2002-06-25 16:23:55 -03:00
Roberto Ierusalimschy
9d2e454d6f BUG: seg. fault when rawget/rawset get extra arguments 2001-12-21 15:30:31 -02:00
Roberto Ierusalimschy
a3d03ff6b6 bug: error message for `%a' gave wrong line number 2001-07-10 17:02:22 -03:00
Roberto Ierusalimschy
d444153dbe ESC (which starts precompiled code) in C is \33, not \27 2001-02-06 11:59:29 -02:00
Roberto Ierusalimschy
42224ca553 loop of 'dostring' may never reclaim memory 2001-02-02 14:23:20 -02:00
Roberto Ierusalimschy
6858763994 bug in lua_pushuserdata(L, NULL) 2001-02-01 11:56:49 -02:00
Roberto Ierusalimschy
6af005ec20 bug: when `read' fails it must return nil (and not no value) 2000-12-22 15:32:28 -02:00
Roberto Ierusalimschy
fc7b167ae0 BUG: parser does not accept a ;' after a return' 2000-11-29 09:57:42 -02:00
Roberto Ierusalimschy
89f98c0995 in function `read_file', realloc() doesn't free the buffer if it can't 
allocate new memory
 2000-10-26 10:53:55 -02:00
Roberto Ierusalimschy
282ab366f4 bug: parser overwrites semantic information when looking ahead 2000-09-27 14:41:58 -03:00
Roberto Ierusalimschy
444d6a106b lua_tag should return LUA_NOTAG for non-valid indices 2000-09-27 09:51:39 -03:00
Roberto Ierusalimschy
c9c6f9747c GC may crash when checking C closures 2000-09-25 11:52:10 -03:00
Roberto Ierusalimschy
c2aa7bd72d bug: lua_gettable does not get key from stack top 2000-09-25 11:48:42 -03:00
Roberto Ierusalimschy
f9dd50cefc `read("*w")' should return nil at EOF 2000-09-22 15:14:06 -03:00
Roberto Ierusalimschy
48a968e6b5 gc tag method for nil could call line hook 2000-08-29 16:00:57 -03:00
Roberto Ierusalimschy
677313da32 bug: record-constructor starting with an upvalue name gets an error 2000-05-24 15:04:17 -03:00
Roberto Ierusalimschy
843f84f4ce first element in a list constructor is not adjusted to one value. 2000-05-12 15:12:04 -03:00
Roberto Ierusalimschy
fe5c37ae95 BUG: `strfind' gets wrong subject length when there is an offset 2000-05-02 15:32:22 -03:00
Roberto Ierusalimschy
b9c98cd4d9 entry for new version (4.0a) 2000-04-25 13:45:39 -03:00
Roberto Ierusalimschy
e30327728c BUG: tostring() without arguments gives seg. fault. 2000-04-03 10:20:33 -03:00
Roberto Ierusalimschy
1780e2c977 lua_settable should check stack space (it could call a T.M.) 2000-03-02 09:44:29 -03:00
Roberto Ierusalimschy
b3aaa048b0 bug: cannot reopen stdin (for binary mode) 1999-12-30 16:40:57 -02:00
Roberto Ierusalimschy
4d1b815b60 return gives wrong line in debug information. 1999-12-29 16:07:10 -02:00
Roberto Ierusalimschy
a6755e2f1a BUG: `strfind' does not handle \0 in plain search. 1999-11-11 14:45:04 -02:00
Roberto Ierusalimschy
ae3ecc2d4a tonumber'e1' and tonumber(' ', x), for x!=10, gave 0 instead of nil. 1999-09-08 17:45:18 -03:00
Roberto Ierusalimschy
7d365a5c7a in the (old) expression << ls->fs->f->consts[checkname(ls)] >>, checkname 
could realloc f->consts.
 1999-09-02 10:13:22 -03:00
Roberto Ierusalimschy
2a03170ebd random(0) and random(x,0) are wrong (0 is read as no argument!). 1999-08-18 11:40:51 -03:00
Roberto Ierusalimschy
d4dce57f5c cannot assign to unlimited variables, because it causes overflow in 
the number of returns of a function.
 1999-06-16 10:35:01 -03:00
Roberto Ierusalimschy
3b533ea7c7 foreach, foreachi, foreachvar points to function in stack when stack 
can be reallocated.
 1999-05-24 14:53:49 -03:00
Roberto Ierusalimschy
cc0f635ef7 '$' at end of pattern was matching regular '$', too. 1999-04-30 11:12:05 -03:00
Roberto Ierusalimschy
6233d21c9d file stream cannot call fread after EOF. 1999-03-04 11:50:26 -03:00
Roberto Ierusalimschy
1dcf1c9cbd format "%s" may break limit of "sprintf" on some machines. 1999-02-04 17:29:51 -02:00
Roberto Ierusalimschy
80001ab0eb getlocal cannot return the local itself, since lua_isstring and 
lua_isnumber can modify it.
 1999-02-03 14:42:42 -02:00
Roberto Ierusalimschy
b94110a68f bug: "format" does not check size of format item (such as "%00000...00000d"). 1999-01-04 10:53:24 -02:00
Roberto Ierusalimschy
0c9080c7a9 "tonumber" goes crazy with negative numbers in other bases (not 10), 
because "strtol" returns long, not unsigned long.
 1998-12-18 11:26:43 -02:00
Roberto Ierusalimschy
a84bca67fc bug: gsub/strfind do not check whether captures are properly finished. 1998-11-10 17:38:12 -02:00
Roberto Ierusalimschy
ce9609296c function "luaL_argerror" prints wrong argument number (from a user's point 
of view) when functions have upvalues.
 1998-09-07 15:59:59 -03:00