From 93d3c8450c7a78321cf7f9db9173d46c62ebe958 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Mon, 18 Sep 2006 13:33:14 -0300 Subject: [PATCH] bug: string.format("%") reads past the string --- bugs | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ lstrlib.c | 4 ++-- 2 files changed, 56 insertions(+), 2 deletions(-) diff --git a/bugs b/bugs index ad6d0f07..eaf2fd26 100644 --- a/bugs +++ b/bugs @@ -798,6 +798,32 @@ patch = [[ } +Bug{ +what = [[Some "not not exp" may not result in boolean values]], +report = [[]], +since = [[4.0]], +example = [[ +-- should print false, but prints nil +print(not not (nil and 4)) +]], +patch = [[]], +} + + +Bug{ +what = [[On some machines, closing a "piped file" (created with io.popen) +may crash Lua]], +report = [[]], +since = [[5.0]], +example = [[ +-- only on some machines + f = io.popen("ls") + f:close() +]], +patch = [[]], +} + + ----------------------------------------------------------------- -- Lua 5.1 @@ -1095,3 +1121,31 @@ patch = [[ ]], } + + +Bug{ +what = [[string.format("%") reads past the string]], +report = [[Roberto, on 09/2006]], +since = [[5.0 (at least)]], +example = [[print(string.format("%"))]], +patch = [[ +*lstrlib.c: +@@ -723,7 +723,7 @@ + + static const char *scanformat (lua_State *L, const char *strfrmt, char *form) { const char *p = strfrmt; +- while (strchr(FLAGS, *p)) p++; /* skip flags */ ++ while (*p != '\0' && strchr(FLAGS, *p) != NULL) p++; /* skip flags */ + if ((size_t)(p - strfrmt) >= sizeof(FLAGS)) + luaL_error(L, "invalid format (repeated flags)"); + if (isdigit(uchar(*p))) p++; /* skip width */ +]], +} + + +Bug{ +what = [[ ]], +report = [[ ]], +since = [[ ]], +example = [[ ]], +patch = [[ ]], +} diff --git a/lstrlib.c b/lstrlib.c index 641c3227..bcc1f7a8 100644 --- a/lstrlib.c +++ b/lstrlib.c @@ -1,5 +1,5 @@ /* -** $Id: lstrlib.c,v 1.133 2006/06/22 16:12:59 roberto Exp roberto $ +** $Id: lstrlib.c,v 1.134 2006/09/11 14:07:24 roberto Exp roberto $ ** Standard library for string operations and pattern-matching ** See Copyright Notice in lua.h */ @@ -723,7 +723,7 @@ static void addquoted (lua_State *L, luaL_Buffer *b, int arg) { static const char *scanformat (lua_State *L, const char *strfrmt, char *form) { const char *p = strfrmt; - while (strchr(FLAGS, *p)) p++; /* skip flags */ + while (*p != '\0' && strchr(FLAGS, *p) != NULL) p++; /* skip flags */ if ((size_t)(p - strfrmt) >= sizeof(FLAGS)) luaL_error(L, "invalid format (repeated flags)"); if (isdigit(uchar(*p))) p++; /* skip width */