From: Chris Lamb <lamby@debian.org>
Date: Sat, 21 Nov 2015 16:15:23 +0200
Subject: CVE-2015-8080: Integer wraparound in lua_struct.c causing
stack-based buffer overflow
---
deps/lua/src/lua_struct.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c
index ec78bcb..b5f8647 100644
--- a/deps/lua/src/lua_struct.c
+++ b/deps/lua/src/lua_struct.c
@@ -96,7 +96,7 @@ static int getnum (const char **fmt, int df) {
int a = 0;
do {
a = a*10 + *((*fmt)++) - '0';
- } while (isdigit(**fmt));
+ } while (isdigit(**fmt) && a <= ((int)MAXINTSIZE - 9)/10);
return a;
}
}
distrib
>
Mageia
>
5
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
2c7262f428fa057fa299888d2e770e06
>
files
>
1
