Possible debug.debug bug

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Possible debug.debug bug

Paul Ouellette
Hello,

db_debug has these lines:

    if (luaL_loadbuffer(L, buffer, strlen(buffer), "=(debug command)") ||
        lua_pcall(L, 0, 0, 0))
      lua_writestringerror("%s\n", lua_tostring(L, -1));

lua_writestringerror is defined as:

#define lua_writestringerror(s,p) \
        (fprintf(stderr, (s), (p)), fflush(stderr))

lua_tostring may return NULL if the error object that lua_pcall pushes onto the
stack is not a string. In this case NULL is passed to fprintf, which is
undefined behavior.

Example:

Lua 5.4.0  Copyright (C) 1994-2020 Lua.org, PUC-Rio
> debug.debug()
lua_debug> error({})
(null)

Paul
Reply | Threaded
Open this post in threaded view
|

Re: Possible debug.debug bug

Roberto Ierusalimschy
> db_debug has these lines:
>
>     if (luaL_loadbuffer(L, buffer, strlen(buffer), "=(debug command)") ||
>         lua_pcall(L, 0, 0, 0))
>       lua_writestringerror("%s\n", lua_tostring(L, -1));
>
> lua_writestringerror is defined as:
>
> #define lua_writestringerror(s,p) \
>         (fprintf(stderr, (s), (p)), fflush(stderr))
>
> lua_tostring may return NULL if the error object that lua_pcall pushes onto the
> stack is not a string. In this case NULL is passed to fprintf, which is
> undefined behavior.

Thanks for the report.

-- Roberto