File CVE-2020-11722.patch of Package crawl

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2020-11722.patch of Package crawl

Fix CVE CVE-2020-11722 before version 0.25
Contains upstream commits 768f60da87a3fa0b5561da5ade9309577c176d04 and fc522ff6eb1bbb85e3de60c60a45762571e48c28

diff -Nur stone_soup-0.24.0/source/clua.cc new/source/clua.cc
--- stone_soup-0.24.0/source/clua.cc	2019-04-21 07:54:24.000000000 +0200
+++ new/source/clua.cc	2020-04-14 13:38:19.579713046 +0200
@@ -315,6 +315,9 @@
     while (!f.eof())
         script += f.get_line() + "\n";
 
+    if (script[0] == 0x1b)
+        abort();
+
     // prefixing with @ stops lua from adding [string "%s"]
     return luaL_loadbuffer(ls, &script[0], script.length(),
                            ("@" + file).c_str());
@@ -729,6 +732,20 @@
     return !err;
 }
 
+static int lua_loadstring(lua_State *ls)
+{
+    const auto lua = luaL_checkstring(ls, 1);
+    if (lua[0] == 0x1b)
+        abort();
+    lua_settop(ls, 0);
+    if (luaL_loadstring(ls, lua))
+    {
+        lua_pushnil(ls);
+        lua_insert(ls, 1);
+    }
+    return lua_gettop(ls);
+}
+
 void CLua::init_lua()
 {
     if (_state)
@@ -751,6 +768,11 @@
 
     lua_stack_cleaner clean(_state);
 
+    lua_pushcfunction(_state, lua_loadstring);
+    lua_setglobal(_state, "loadstring");
+    lua_pushnil(_state);
+    lua_setglobal(_state, "load");
+
     lua_atpanic(_state, _clua_panic);
 
 #ifdef CLUA_UNRESTRICTED_LIBS

Places

File CVE-2020-11722.patch of Package crawl

Places