diff options
Diffstat (limited to 'main/redis/CVE-2015-8080.patch')
| -rw-r--r-- | main/redis/CVE-2015-8080.patch | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/main/redis/CVE-2015-8080.patch b/main/redis/CVE-2015-8080.patch deleted file mode 100644 index 22ff080ace..0000000000 --- a/main/redis/CVE-2015-8080.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 8bb9cb38befd8c1131576b9fdbea605a7a094245 Mon Sep 17 00:00:00 2001 -From: Sun He <sunheehnus@gmail.com> -Date: Sun, 13 Dec 2015 13:47:22 +0800 -Subject: [PATCH] lua_struct.c/getnum: throw error if overflow happen - -Fix issue #2855 ---- - deps/lua/src/lua_struct.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c -index ec78bcb..a602bb4 100644 ---- a/deps/lua/src/lua_struct.c -+++ b/deps/lua/src/lua_struct.c -@@ -89,12 +89,14 @@ typedef struct Header { - } Header; - - --static int getnum (const char **fmt, int df) { -+static int getnum (lua_State *L, const char **fmt, int df) { - if (!isdigit(**fmt)) /* no number? */ - return df; /* return default value */ - else { - int a = 0; - do { -+ if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0'))) -+ luaL_error(L, "integral size overflow"); - a = a*10 + *((*fmt)++) - '0'; - } while (isdigit(**fmt)); - return a; -@@ -115,9 +117,9 @@ static size_t optsize (lua_State *L, char opt, const char **fmt) { - case 'f': return sizeof(float); - case 'd': return sizeof(double); - case 'x': return 1; -- case 'c': return getnum(fmt, 1); -+ case 'c': return getnum(L, fmt, 1); - case 'i': case 'I': { -- int sz = getnum(fmt, sizeof(int)); -+ int sz = getnum(L, fmt, sizeof(int)); - if (sz > MAXINTSIZE) - luaL_error(L, "integral size %d is larger than limit of %d", - sz, MAXINTSIZE); -@@ -150,7 +152,7 @@ static void controloptions (lua_State *L, int opt, const char **fmt, - case '>': h->endian = BIG; return; - case '<': h->endian = LITTLE; return; - case '!': { -- int a = getnum(fmt, MAXALIGN); -+ int a = getnum(L, fmt, MAXALIGN); - if (!isp2(a)) - luaL_error(L, "alignment %d is not a power of 2", a); - h->align = a; |