From 994a37c8e88d090421afb7ca639f01f868708452 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Fri, 29 Aug 2003 13:50:02 -0300
Subject: [PATCH] IBM AS400 (OS400) has sizeof(void *)==16, and a `%p' may
 generate up to 60 characters in a `printf'. That causes a buffer overflow in
 `tostring'..

---
 bugs | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/bugs b/bugs
index 9e9df19b..d202ee22 100644
--- a/bugs
+++ b/bugs
@@ -445,13 +445,13 @@ for i=1,10000000 do
 end
 ]],
 patch = [[
-*lgc.h:
+* lgc.h:
 18c18
 < void luaC_separateudata (lua_State *L);
 ---
 > size_t luaC_separateudata (lua_State *L);
 
-*lgc.c:
+* lgc.c:
 113c113,114
 < void luaC_separateudata (lua_State *L) {
 ---
@@ -489,4 +489,28 @@ patch = [[
 ---
 >   checkSizes(L, deadmem);
 ]]
+}
 
+Bug{
+what=[[IBM AS400 (OS400) has sizeof(void *)==16, and a `%p' may generate
+up to 60 characters in a `printf'. That causes a buffer overflow in
+`tostring'.]],
+
+report = [[David Burgess, 25/08/2003]],
+
+example = [[print{}; (in an AS400 machine)]],
+
+patch = [[
+* liolib.c:
+178c178
+<   char buff[32];
+---
+>   char buff[128];
+
+* lbaselib.c:
+327c327
+<   char buff[64];
+---
+>   char buff[128];
+]]
+}