nixpkgs-suyu/pkgs/development/interpreters/lua-5/CVE-2019-6706.patch

22 lines
746 B
Diff

--- a/src/lapi.c
+++ b/src/lapi.c
@@ -1285,14 +1285,14 @@ LUA_API void *lua_upvalueid (lua_State *
LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1,
int fidx2, int n2) {
- LClosure *f1;
- UpVal **up1 = getupvalref(L, fidx1, n1, &f1);
+ UpVal **up1 = getupvalref(L, fidx1, n1, NULL); /* the last parameter not needed */
UpVal **up2 = getupvalref(L, fidx2, n2, NULL);
+ if (*up1 == *up2) return; /* Already joined */
+ (*up2)->refcount++;
+ if (upisopen(*up2)) (*up2)->u.open.touched = 1;
+ luaC_upvalbarrier(L, *up2);
luaC_upvdeccount(L, *up1);
*up1 = *up2;
- (*up1)->refcount++;
- if (upisopen(*up1)) (*up1)->u.open.touched = 1;
- luaC_upvalbarrier(L, *up1);
}