From cff29fc06bf6b9e1f853589bbe440ec7d525d285 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Tue, 1 Aug 2023 09:35:03 -0400 Subject: [PATCH] disable "corrupted binary dump" test that has issues on big-endian architectures, apply upstream fix for 5.4.6 bug 1 --- lua-5.4.6-big-endian-fix.patch | 24 +++++++++++++ lua-5.4.6-bug1.patch | 66 ++++++++++++++++++++++++++++++++++ lua.spec | 11 +++++- 3 files changed, 100 insertions(+), 1 deletion(-) create mode 100644 lua-5.4.6-big-endian-fix.patch create mode 100644 lua-5.4.6-bug1.patch diff --git a/lua-5.4.6-big-endian-fix.patch b/lua-5.4.6-big-endian-fix.patch new file mode 100644 index 0000000..dbd7970 --- /dev/null +++ b/lua-5.4.6-big-endian-fix.patch @@ -0,0 +1,24 @@ +diff -up lua-5.4.6/lua-5.4.6-tests/calls.lua.big-endian-fix lua-5.4.6/lua-5.4.6-tests/calls.lua +--- lua-5.4.6/lua-5.4.6-tests/calls.lua.big-endian-fix 2023-08-01 09:21:13.212388469 -0400 ++++ lua-5.4.6/lua-5.4.6-tests/calls.lua 2023-08-01 09:21:34.552557272 -0400 +@@ -342,20 +342,6 @@ do -- another bug (in 5.4.0) + end + + +-do -- another bug (since 5.2) +- -- corrupted binary dump: list of upvalue names is larger than number +- -- of upvalues, overflowing the array of upvalues. +- local code = +- "\x1b\x4c\x75\x61\x54\x00\x19\x93\x0d\x0a\x1a\x0a\x04\x08\x08\x78\x56\z +- \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x28\x77\x40\x00\x86\x40\z +- \x74\x65\x6d\x70\x81\x81\x01\x00\x02\x82\x48\x00\x02\x00\xc7\x00\x01\z +- \x00\x80\x80\x80\x82\x00\x00\x80\x81\x82\x78\x80\x82\x81\x86\x40\x74\z +- \x65\x6d\x70" +- +- assert(load(code)) -- segfaults in previous versions +-end +- +- + x = string.dump(load("x = 1; return x")) + a = assert(load(read1(x), nil, "b")) + assert(a() == 1 and _G.x == 1) diff --git a/lua-5.4.6-bug1.patch b/lua-5.4.6-bug1.patch new file mode 100644 index 0000000..689ad98 --- /dev/null +++ b/lua-5.4.6-bug1.patch @@ -0,0 +1,66 @@ +From f623b969325be736297bc1dff48e763c08778243 Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy +Date: Wed, 14 Jun 2023 14:38:07 -0300 +Subject: [PATCH] Bug: read overflow in 'l_strcmp' + +Equality according to 'strcoll' does not imply that strings have +the same length. +--- + lvm.c | 38 ++++++++++++++++++++------------------ + 1 file changed, 20 insertions(+), 18 deletions(-) + +diff --git a/src/lvm.c b/src/lvm.c +index 4c300a87a..2b437bdfd 100644 +--- a/src/lvm.c ++++ b/src/lvm.c +@@ -366,30 +366,32 @@ void luaV_finishset (lua_State *L, const TValue *t, TValue *key, + + + /* +-** Compare two strings 'ls' x 'rs', returning an integer less-equal- +-** -greater than zero if 'ls' is less-equal-greater than 'rs'. ++** Compare two strings 'ts1' x 'ts2', returning an integer less-equal- ++** -greater than zero if 'ts1' is less-equal-greater than 'ts2'. + ** The code is a little tricky because it allows '\0' in the strings +-** and it uses 'strcoll' (to respect locales) for each segments +-** of the strings. ++** and it uses 'strcoll' (to respect locales) for each segment ++** of the strings. Note that segments can compare equal but still ++** have different lengths. + */ +-static int l_strcmp (const TString *ls, const TString *rs) { +- const char *l = getstr(ls); +- size_t ll = tsslen(ls); +- const char *r = getstr(rs); +- size_t lr = tsslen(rs); ++static int l_strcmp (const TString *ts1, const TString *ts2) { ++ const char *s1 = getstr(ts1); ++ size_t rl1 = tsslen(ts1); /* real length */ ++ const char *s2 = getstr(ts2); ++ size_t rl2 = tsslen(ts2); + for (;;) { /* for each segment */ +- int temp = strcoll(l, r); ++ int temp = strcoll(s1, s2); + if (temp != 0) /* not equal? */ + return temp; /* done */ + else { /* strings are equal up to a '\0' */ +- size_t len = strlen(l); /* index of first '\0' in both strings */ +- if (len == lr) /* 'rs' is finished? */ +- return (len == ll) ? 0 : 1; /* check 'ls' */ +- else if (len == ll) /* 'ls' is finished? */ +- return -1; /* 'ls' is less than 'rs' ('rs' is not finished) */ +- /* both strings longer than 'len'; go on comparing after the '\0' */ +- len++; +- l += len; ll -= len; r += len; lr -= len; ++ size_t zl1 = strlen(s1); /* index of first '\0' in 's1' */ ++ size_t zl2 = strlen(s2); /* index of first '\0' in 's2' */ ++ if (zl2 == rl2) /* 's2' is finished? */ ++ return (zl1 == rl1) ? 0 : 1; /* check 's1' */ ++ else if (zl1 == rl1) /* 's1' is finished? */ ++ return -1; /* 's1' is less than 's2' ('s2' is not finished) */ ++ /* both strings longer than 'zl'; go on comparing after the '\0' */ ++ zl1++; zl2++; ++ s1 += zl1; rl1 -= zl1; s2 += zl2; rl2 -= zl2; + } + } + } diff --git a/lua.spec b/lua.spec index a67e7d7..bd7aa77 100644 --- a/lua.spec +++ b/lua.spec @@ -14,7 +14,7 @@ Name: lua Version: %{major_version}.6 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Powerful light-weight programming language License: MIT URL: https://www.lua.org/ @@ -36,7 +36,9 @@ Patch4: %{name}-5.3.0-configure-compat-module.patch Patch5: %{name}-5.3.0-autotoolize.patch Patch6: %{name}-5.3.5-luac-shared-link-fix.patch %endif +Patch7: lua-5.4.6-big-endian-fix.patch # https://www.lua.org/bugs.html +Patch8: lua-5.4.6-bug1.patch BuildRequires: automake autoconf libtool readline-devel ncurses-devel BuildRequires: make @@ -93,6 +95,9 @@ mv src/luaconf.h src/luaconf.h.template.in # Put proper version in configure.ac, patch0 hardcodes 5.3.0 sed -i 's|5.3.0|%{version}|g' configure.ac autoreconf -ifv +%patch -P7 -p1 -b .big-endian-fix +%patch -P8 -p1 -b .bug1 + %if 0%{?bootstrap} cd lua-%{bootstrap_version}/ @@ -206,6 +211,10 @@ popd %{_libdir}/*.a %changelog +* Tue Aug 1 2023 Tom Callaway - 5.4.6-3 +- disable "corrupted binary dump" test that has issues on big-endian architectures +- apply upstream fix for 5.4.6 bug 1 + * Thu Jul 20 2023 Fedora Release Engineering - 5.4.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild