Upgrade lua to 5.4.4 to fix CVE-2021-44964 (#5478)
* Upgrade lua to 5.4.4 to fix CVE-2021-44964 * Update signature file manually * Update toolchain build scripts for lua * Remove patches that were already merged to lua-5.4.4 * Fix typo in changelog
Родитель
33106ca0ad
Коммит
b9b5742300
|
@ -1,50 +0,0 @@
|
|||
From ffdc636df564edc0f9982e8538a56010db08e9d6 Mon Sep 17 00:00:00 2001
|
||||
From: Shreenidhi Shedi <sshedi@vmware.com>
|
||||
Date: Mon, 15 Nov 2021 16:54:56 +0530
|
||||
Subject: [PATCH] Bug: C stack overflow with coroutines
|
||||
|
||||
'coroutine.resume' did not increment counter of C calls when
|
||||
continuing execution after a protected error (that is,
|
||||
while running 'precover').
|
||||
|
||||
Upstream commit:
|
||||
https://github.com/lua/lua/commit/74d99057a5146755e737c479850f87fd0e3b6868
|
||||
|
||||
Originally Authored by: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
|
||||
|
||||
Test related changes are omitted.
|
||||
[Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>]
|
||||
---
|
||||
src/ldo.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/ldo.c b/src/ldo.c
|
||||
index 7135079..ca558fd 100644
|
||||
--- a/src/ldo.c
|
||||
+++ b/src/ldo.c
|
||||
@@ -728,11 +728,10 @@ static void resume (lua_State *L, void *ud) {
|
||||
StkId firstArg = L->top - n; /* first argument */
|
||||
CallInfo *ci = L->ci;
|
||||
if (L->status == LUA_OK) /* starting a coroutine? */
|
||||
- ccall(L, firstArg - 1, LUA_MULTRET, 1); /* just call its body */
|
||||
+ ccall(L, firstArg - 1, LUA_MULTRET, 0); /* just call its body */
|
||||
else { /* resuming from previous yield */
|
||||
lua_assert(L->status == LUA_YIELD);
|
||||
L->status = LUA_OK; /* mark that it is running (again) */
|
||||
- luaE_incCstack(L); /* control the C stack */
|
||||
if (isLua(ci)) { /* yielded inside a hook? */
|
||||
L->top = firstArg; /* discard arguments */
|
||||
luaV_execute(L, ci); /* just continue running Lua code */
|
||||
@@ -783,6 +782,9 @@ LUA_API int lua_resume (lua_State *L, lua_State *from, int nargs,
|
||||
else if (L->status != LUA_YIELD) /* ended with errors? */
|
||||
return resume_error(L, "cannot resume dead coroutine", nargs);
|
||||
L->nCcalls = (from) ? getCcalls(from) : 0;
|
||||
+ if (getCcalls(L) >= LUAI_MAXCCALLS)
|
||||
+ return resume_error(L, "C stack overflow", nargs);
|
||||
+ L->nCcalls++;
|
||||
luai_userstateresume(L, nargs);
|
||||
api_checknelems(L, (L->status == LUA_OK) ? nargs + 1 : nargs);
|
||||
status = luaD_rawrunprotected(L, resume, &nargs);
|
||||
--
|
||||
2.25.1
|
||||
|
|
@ -1,25 +0,0 @@
|
|||
From d91a8fb06a65491e4e6f75cade82ae8c9c043487 Mon Sep 17 00:00:00 2001
|
||||
From: Pawel Winogrodzki <pawelwi@microsoft.com>
|
||||
Date: Tue, 7 Jun 2022 16:40:53 -0700
|
||||
Subject: [PATCH] Applying patch for CVE-2021-44647 from
|
||||
http://lua-users.org/lists/lua-l/2021-11/msg00206.html.
|
||||
|
||||
---
|
||||
src/lstate.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/lstate.c b/src/lstate.c
|
||||
index c5e3b43..38da773 100644
|
||||
--- a/src/lstate.c
|
||||
+++ b/src/lstate.c
|
||||
@@ -271,6 +271,7 @@ static void close_state (lua_State *L) {
|
||||
if (!completestate(g)) /* closing a partially built state? */
|
||||
luaC_freeallobjects(L); /* jucst collect its objects */
|
||||
else { /* closing a fully built state */
|
||||
+ L->ci = &L->base_ci; /* unwind CallInfo list */
|
||||
luaD_closeprotected(L, 1, LUA_OK); /* close all upvalues */
|
||||
luaC_freeallobjects(L); /* collect all objects */
|
||||
luai_userstateclose(L);
|
||||
--
|
||||
2.34.1
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
diff --git a/src/ldo.c b/src/ldo.c
|
||||
index 7135079..d81e731 100644
|
||||
--- a/src/ldo.c
|
||||
+++ b/src/ldo.c
|
||||
@@ -483,9 +483,9 @@ void luaD_pretailcall (lua_State *L, CallInfo *ci, StkId func, int narg1) {
|
||||
int fsize = p->maxstacksize; /* frame size */
|
||||
int nfixparams = p->numparams;
|
||||
int i;
|
||||
+ checkstackGC(L, fsize);
|
||||
for (i = 0; i < narg1; i++) /* move down function and arguments */
|
||||
setobjs2s(L, ci->func + i, func + i);
|
||||
- checkstackGC(L, fsize);
|
||||
func = ci->func; /* moved-down function */
|
||||
for (; narg1 <= nfixparams; narg1++)
|
||||
setnilvalue(s2v(func + narg1)); /* complete missing arguments */
|
|
@ -1,32 +0,0 @@
|
|||
diff -up lua-5.4.3/src/lvm.c.bug3 lua-5.4.3/src/lvm.c
|
||||
--- lua-5.4.3/src/lvm.c.bug3 2021-04-28 13:27:54.025590350 -0400
|
||||
+++ lua-5.4.3/src/lvm.c 2021-04-28 13:28:55.233614835 -0400
|
||||
@@ -847,10 +847,19 @@ void luaV_finishOp (lua_State *L) {
|
||||
luaV_concat(L, total); /* concat them (may yield again) */
|
||||
break;
|
||||
}
|
||||
- case OP_CLOSE: case OP_RETURN: { /* yielded closing variables */
|
||||
+ case OP_CLOSE: { /* yielded closing variables */
|
||||
ci->u.l.savedpc--; /* repeat instruction to close other vars. */
|
||||
break;
|
||||
}
|
||||
+ case OP_RETURN: { /* yielded closing variables */
|
||||
+ StkId ra = base + GETARG_A(inst);
|
||||
+ /* correct top to signal correct number of returns (in case the
|
||||
+ return is "in top" */
|
||||
+ L->top = ra + ci->u2.nres;
|
||||
+ /* repeat instruction to close other vars. and complete the return */
|
||||
+ ci->u.l.savedpc--;
|
||||
+ break;
|
||||
+ }
|
||||
default: {
|
||||
/* only these other opcodes can yield */
|
||||
lua_assert(op == OP_TFORCALL || op == OP_CALL ||
|
||||
@@ -1670,6 +1679,7 @@ void luaV_execute (lua_State *L, CallInf
|
||||
n = cast_int(L->top - ra); /* get what is available */
|
||||
savepc(ci);
|
||||
if (TESTARG_k(i)) { /* may there be open upvalues? */
|
||||
+ ci->u2.nres = n; /* save number of returns */
|
||||
if (L->top < ci->top)
|
||||
L->top = ci->top;
|
||||
luaF_close(L, base, CLOSEKTOP, 1);
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"Signatures": {
|
||||
"lua-5.4.3.tar.gz": "f8612276169e3bfcbcfb8f226195bfc6e466fe13042f1076cbde92b7ec96bbfb",
|
||||
"lua-5.4.3-tests.tar.gz": "5d29c3022897a8290f280ebe1c6853248dfa35a668e1fc02ba9c8cde4e7bf110",
|
||||
"lua-5.4.4.tar.gz": "164c7849653b80ae67bec4b7473b884bf5cc8d2dca05653475ec2ed27b9ebf61",
|
||||
"lua-5.4.4-tests.tar.gz": "04d28355cd67a2299dfe5708b55a0ff221ccb1a3907a3113cc103ccc05ac6aad",
|
||||
"lua-5.3.5.tar.gz": "0c2eed3f960446e1a3e4b9a1ca2f3ff893b6ce41942cf54d5dd59ab4b3b058ac",
|
||||
"luaconf.h": "88e9751d81e778de9546db7c57eab5aeba4dfd8051e010f53ae36fbbce115e45",
|
||||
"mit.txt": "ac92bb84aa21edfecf0112e59c96c75620313d504ada0d66e8e78fe6788d3a4d"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
%global major_version 5.4
|
||||
# Normally, this is the same as version, but... not always.
|
||||
%global test_version 5.4.3
|
||||
%global test_version 5.4.4
|
||||
# If you are incrementing major_version, enable bootstrapping and adjust accordingly.
|
||||
# Version should be the latest prior build. If you don't do this, RPM will break and
|
||||
# everything will grind to a halt.
|
||||
|
@ -13,8 +13,8 @@
|
|||
|
||||
Summary: Powerful light-weight programming language
|
||||
Name: lua
|
||||
Version: %{major_version}.3
|
||||
Release: 5%{?dist}
|
||||
Version: %{major_version}.4
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Vendor: Microsoft Corporation
|
||||
Distribution: Mariner
|
||||
|
@ -40,12 +40,8 @@ Patch6: %{name}-5.3.5-luac-shared-link-fix.patch
|
|||
%endif
|
||||
# https://www.lua.org/bugs.html
|
||||
Patch18: %{name}-5.3.5-CVE-2020-24370.patch
|
||||
Patch19: %{name}-5.4.3-bug3.patch
|
||||
Patch20: CVE-2021-43519.patch
|
||||
Patch21: CVE-2022-28805.patch
|
||||
Patch22: CVE-2021-44647.patch
|
||||
Patch23: CVE-2022-33099.patch
|
||||
Patch24: CVE-2021-45985.patch
|
||||
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
|
@ -104,12 +100,8 @@ mv src/luaconf.h src/luaconf.h.template.in
|
|||
%patch4 -p1 -z .configure-compat-all
|
||||
# Put proper version in configure.ac, patch0 hardcodes 5.3.0
|
||||
sed -i 's|5.3.0|%{version}|g' configure.ac
|
||||
%patch19 -p1 -b .bug3
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch22 -p1
|
||||
%patch23 -p1
|
||||
%patch24 -p1
|
||||
autoreconf -ifv
|
||||
|
||||
%if 0%{?bootstrap}
|
||||
|
@ -224,6 +216,10 @@ popd
|
|||
%{_libdir}/*.a
|
||||
|
||||
%changelog
|
||||
* Tue May 09 2023 Bala <balakumaran.kannan@microsoft.com> - 5.4.4-1
|
||||
- Upgrade to version 5.4.4 to fix CVE-2021-44964
|
||||
- Removed patches that are already part of new version
|
||||
|
||||
* Mon Apr 14 2023 Bala <balakumaran.kannan@microsoft.com> - 5.4.3-5
|
||||
- Patching CVE-2021-45985
|
||||
- Add patch command to apply unapplied patches
|
||||
|
|
|
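Review bot: Patch23 (`CVE-2022-33099.patch`) is dropped from the Patch list hunk together with its `%patch23 -p1` line in %prep on the premise that lua 5.4.4 already carries the fix, but as far as I recall the advisory for CVE-2022-33099 lists Lua up to and including 5.4.4 as affected, so this particular removal looks like a regression rather than an obsolete patch. Please confirm against the bug list linked in the comment above Patch18 and by comparing the dropped patch's hunks with `src/ldebug.c` in the extracted 5.4.4 tarball; if the fix is absent, keep the patch (rebased onto 5.4.4) and its `%patch23` line. The same verification is worth recording for every dropped patch so the next maintainer does not have to redo it, e.g. in the changelog entry: `- Removed patches already upstream in 5.4.4: bug3, CVE-2021-43519, CVE-2021-44647, CVE-2021-45985, CVE-2022-28805 (verified against lua.org/bugs.html)`. Note that Patch18 (`%{name}-5.3.5-CVE-2020-24370.patch`) stays declared after the bump; whether it is still applied and still needed against 5.4.4 is not visible in this section.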
@ -12291,8 +12291,8 @@
|
|||
"type": "other",
|
||||
"other": {
|
||||
"name": "lua",
|
||||
"version": "5.4.3",
|
||||
"downloadUrl": "https://www.lua.org/ftp/lua-5.4.3.tar.gz"
|
||||
"version": "5.4.4",
|
||||
"downloadUrl": "https://www.lua.org/ftp/lua-5.4.4.tar.gz"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
@ -206,8 +206,8 @@ libltdl-2.4.6-8.cm2.aarch64.rpm
|
|||
libltdl-devel-2.4.6-8.cm2.aarch64.rpm
|
||||
pcre-8.45-2.cm2.aarch64.rpm
|
||||
pcre-libs-8.45-2.cm2.aarch64.rpm
|
||||
lua-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-libs-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-5.4.4-1.cm2.aarch64.rpm
|
||||
lua-libs-5.4.4-1.cm2.aarch64.rpm
|
||||
mariner-rpm-macros-2.0-21.cm2.noarch.rpm
|
||||
mariner-check-macros-2.0-21.cm2.noarch.rpm
|
||||
libassuan-2.5.5-2.cm2.aarch64.rpm
|
||||
|
|
|
@ -206,8 +206,8 @@ libltdl-2.4.6-8.cm2.x86_64.rpm
|
|||
libltdl-devel-2.4.6-8.cm2.x86_64.rpm
|
||||
pcre-8.45-2.cm2.x86_64.rpm
|
||||
pcre-libs-8.45-2.cm2.x86_64.rpm
|
||||
lua-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-libs-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-5.4.4-1.cm2.x86_64.rpm
|
||||
lua-libs-5.4.4-1.cm2.x86_64.rpm
|
||||
mariner-rpm-macros-2.0-21.cm2.noarch.rpm
|
||||
mariner-check-macros-2.0-21.cm2.noarch.rpm
|
||||
libassuan-2.5.5-2.cm2.x86_64.rpm
|
||||
|
|
|
@ -214,13 +214,13 @@ libxml2-devel-2.10.3-1.cm2.aarch64.rpm
|
|||
libxslt-1.1.34-7.cm2.aarch64.rpm
|
||||
libxslt-debuginfo-1.1.34-7.cm2.aarch64.rpm
|
||||
libxslt-devel-1.1.34-7.cm2.aarch64.rpm
|
||||
lua-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-debuginfo-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-devel-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-libs-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-5.4.4-1.cm2.aarch64.rpm
|
||||
lua-debuginfo-5.4.4-1.cm2.aarch64.rpm
|
||||
lua-devel-5.4.4-1.cm2.aarch64.rpm
|
||||
lua-libs-5.4.4-1.cm2.aarch64.rpm
|
||||
lua-rpm-macros-1-6.cm2.noarch.rpm
|
||||
lua-srpm-macros-1-6.cm2.noarch.rpm
|
||||
lua-static-5.4.3-5.cm2.aarch64.rpm
|
||||
lua-static-5.4.4-1.cm2.aarch64.rpm
|
||||
lz4-1.9.3-1.cm2.aarch64.rpm
|
||||
lz4-debuginfo-1.9.3-1.cm2.aarch64.rpm
|
||||
lz4-devel-1.9.3-1.cm2.aarch64.rpm
|
||||
|
|
|
@ -214,13 +214,13 @@ libxml2-devel-2.10.3-1.cm2.x86_64.rpm
|
|||
libxslt-1.1.34-7.cm2.x86_64.rpm
|
||||
libxslt-debuginfo-1.1.34-7.cm2.x86_64.rpm
|
||||
libxslt-devel-1.1.34-7.cm2.x86_64.rpm
|
||||
lua-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-debuginfo-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-devel-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-libs-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-5.4.4-1.cm2.x86_64.rpm
|
||||
lua-debuginfo-5.4.4-1.cm2.x86_64.rpm
|
||||
lua-devel-5.4.4-1.cm2.x86_64.rpm
|
||||
lua-libs-5.4.4-1.cm2.x86_64.rpm
|
||||
lua-rpm-macros-1-6.cm2.noarch.rpm
|
||||
lua-srpm-macros-1-6.cm2.noarch.rpm
|
||||
lua-static-5.4.3-5.cm2.x86_64.rpm
|
||||
lua-static-5.4.4-1.cm2.x86_64.rpm
|
||||
lz4-1.9.3-1.cm2.x86_64.rpm
|
||||
lz4-debuginfo-1.9.3-1.cm2.x86_64.rpm
|
||||
lz4-devel-1.9.3-1.cm2.x86_64.rpm
|
||||
|
|
|
@ -25,13 +25,13 @@ https://tukaani.org/xz/xz-5.2.5.tar.xz
|
|||
https://src.fedoraproject.org/repo/pkgs/zlib/zlib-1.2.12.tar.xz/sha512/12940e81e988f7661da52fa20bdc333314ae86a621fdb748804a20840b065a1d6d984430f2d41f3a057de0effc6ff9bcf42f9ee9510b88219085f59cbbd082bd/zlib-1.2.12.tar.xz
|
||||
https://ftp.gnu.org/gnu/cpio/cpio-2.13.tar.bz2
|
||||
https://github.com/libarchive/libarchive/releases/download/v3.6.1/libarchive-3.6.1.tar.gz
|
||||
https://www.lua.org/ftp/lua-5.4.3.tar.gz
|
||||
https://www.lua.org/ftp/lua-5.4.4.tar.gz
|
||||
http://ftp.rpm.org/popt/releases/popt-1.x/popt-1.18.tar.gz
|
||||
https://github.com/rpm-software-management/rpm/archive/rpm-4.17.0-release.tar.gz
|
||||
https://git.centos.org/rpms/python-rpm-generators/raw/c8s/f/SOURCES/python.attr
|
||||
https://git.centos.org/rpms/python-rpm-generators/raw/c8s/f/SOURCES/pythondeps.sh
|
||||
https://git.centos.org/rpms/python-rpm-generators/raw/c8s/f/SOURCES/pythondistdeps.py
|
||||
https://www.linuxfromscratch.org/patches/downloads/lua/lua-5.4.3-shared_library-1.patch
|
||||
https://www.linuxfromscratch.org/patches/downloads/lua/lua-5.4.4-shared_library-2.patch
|
||||
https://ftp.gnu.org/gnu/gcc/gcc-11.2.0/gcc-11.2.0.tar.xz
|
||||
https://ftp.gnu.org/gnu/glibc/glibc-2.35.tar.xz
|
||||
https://www.linuxfromscratch.org/patches/downloads/glibc/glibc-2.35-fhs-1.patch
|
||||
|
|
|
@ -32,8 +32,8 @@ c676146577d989189940f1959d9e3980d28513d74eedfbc6b7f15ea45fe54ee2 libarchive-3.6
|
|||
0d72e12e4f2afff67fd7b9df0a24d7ba42b5a7c9211ac5b3dcccc5cd8b286f2b libpipeline-1.5.0.tar.gz
|
||||
7c87a8c2c8c0fc9cd5019e402bed4292462d00a718a7cd5f11218153bf28b26f libtool-2.4.6.tar.xz
|
||||
540fb721619a6aba3bdeef7d940d8e9e0e6d2c193595bc243241b77ff9e93620 libffi-3.4.2.tar.gz
|
||||
5add91e10446d34d6b3e94c587e4ae5c206200d016dcb303b8bd5c7ca73859f0 lua-5.4.3-shared_library-1.patch
|
||||
f8612276169e3bfcbcfb8f226195bfc6e466fe13042f1076cbde92b7ec96bbfb lua-5.4.3.tar.gz
|
||||
44324a802822f0a35d095aaad2f5f58fa7b1821ae87ae44dbcfc8a23fcd2e67e lua-5.4.4-shared_library-2.patch
|
||||
164c7849653b80ae67bec4b7473b884bf5cc8d2dca05653475ec2ed27b9ebf61 lua-5.4.4.tar.gz
|
||||
3be4a26d825ffdfda52a56fc43246456989a3630093cced3fbddf4771ee58a70 m4-1.4.19.tar.gz
|
||||
e05fdde47c5f7ca45cb697e973894ff4f5d79e13b750ed57d7b66d8defc78e19 make-4.3.tar.gz
|
||||
2ffd8f2e80122fe72e60c740c851e6a3e15c9a7921185eb4752c1c672824bed6 man-db-2.10.1.tar.xz
|
||||
|
|
|
@ -1057,12 +1057,12 @@ popd
|
|||
rm -rf libarchive-3.6.1
|
||||
touch /logs/status_libarchive_complete
|
||||
|
||||
echo lua-5.4.3
|
||||
tar xf lua-5.4.3.tar.gz
|
||||
pushd lua-5.4.3
|
||||
echo lua-5.4.4
|
||||
tar xf lua-5.4.4.tar.gz
|
||||
pushd lua-5.4.4
|
||||
cat > lua.pc << "EOF"
|
||||
V=5.4
|
||||
R=5.4.3
|
||||
R=5.4.4
|
||||
prefix=/usr
|
||||
INSTALL_BIN=${prefix}/bin
|
||||
INSTALL_INC=${prefix}/include
|
||||
|
@ -1080,19 +1080,19 @@ Requires:
|
|||
Libs: -L${libdir} -llua -lm -ldl
|
||||
Cflags: -I${includedir}
|
||||
EOF
|
||||
patch -Np1 -i ../lua-5.4.3-shared_library-1.patch
|
||||
patch -Np1 -i ../lua-5.4.4-shared_library-2.patch
|
||||
sed -i '/#define LUA_ROOT/s:/usr/local/:/usr/:' src/luaconf.h
|
||||
make MYCFLAGS="-DLUA_COMPAT_5_2 -DLUA_COMPAT_5_1" linux
|
||||
make INSTALL_TOP=/usr \
|
||||
INSTALL_DATA="cp -d" \
|
||||
INSTALL_MAN=/usr/share/man/man1 \
|
||||
TO_LIB="liblua.so liblua.so.5.4 liblua.so.5.4.3" \
|
||||
TO_LIB="liblua.so liblua.so.5.4 liblua.so.5.4.4" \
|
||||
install
|
||||
mkdir -pv /usr/share/doc/lua-5.4.3
|
||||
cp -v doc/*.{html,css,gif,png} /usr/share/doc/lua-5.4.3
|
||||
mkdir -pv /usr/share/doc/lua-5.4.4
|
||||
cp -v doc/*.{html,css,gif,png} /usr/share/doc/lua-5.4.4
|
||||
install -v -m644 -D lua.pc /usr/lib/pkgconfig/lua.pc
|
||||
popd
|
||||
rm -rf lua-5.4.3
|
||||
rm -rf lua-5.4.4
|
||||
touch /logs/status_lua_complete
|
||||
|
||||
DEBUGEDIT_WITH_VERSION=debugedit-5.0
|
||||
|
|