Nmap Development mailing list archives
possible bug in liblua/lparser.c
From: Vita Cizek <vcizek () suse cz>
Date: Fri, 3 Dec 2010 09:35:44 +0100
Hi, This appears in both 5.21 and devel versions. In liblua/lparser.c, close_func(): The fs pointer points to a valid memory, it is dereferenced in a few places, thus can't be NULL at the test point, I guess. static void close_func (LexState *ls) { lua_State *L = ls->L; FuncState *fs = ls->fs; Proto *f = fs->f; <-- first dereferenced here ... ls->fs = fs->prev; L->top -= 2; /* remove table and prototype from the stack */ /* last token read was anchored in defunct function; must reanchor it */ if (fs) anchor_token(ls); <-- this NULL test } -- Vitezslav Cizek _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- possible bug in liblua/lparser.c Vita Cizek (Dec 03)
- Re: possible bug in liblua/lparser.c Patrick Donnelly (Dec 03)