[Tarantool-patches] [PATCH luajit] Limit exponent range in number parsing.
Igor Munkin
imun at tarantool.org
Thu Feb 15 16:50:41 MSK 2024
Sergey,
I've checked the patchset into all long-term branches in
tarantool/luajit and bumped a new version in master, release/3.0 and
release/2.11.
On 21.11.23, Sergey Kaplun via Tarantool-patches wrote:
> From: Mike Pall <mike>
>
> Reported by XmiliaH.
>
> (cherry-picked from commit e56048753634c32ea6eeedf74cef6f9cfea5f4ed)
>
> When parsing exponent powers greater than (1 << 16) * 10 == (65536 *
> 10), the exponent values are cut without handling any values greater.
> This patch fixes the behaviour, but restricts the power maximum value by
> `STRSCAN_MAXEXP` (1 << 20).
>
> Sergey Kaplun:
> * added the description and the test for the problem
>
> Part of tarantool/tarantool#9145
> ---
>
> Branch:
> https://github.com/tarantool/luajit/tree/skaplun/lj-788-limit-exponents-range
> Tarantool PR: https://github.com/tarantool/tarantool/pull/9386
> Related issues:
> * https://github.com/LuaJIT/LuaJIT/issues/788
> * https://github.com/tarantool/tarantool/issues/9145
>
>
> src/lj_strscan.c | 5 +++-
> .../lj-788-limit-exponents-range.test.lua | 29 +++++++++++++++++++
> 2 files changed, 33 insertions(+), 1 deletion(-)
> create mode 100644 test/tarantool-tests/lj-788-limit-exponents-range.test.lua
>
<snipped>
> --
> 2.42.1
>
--
Best regards,
IM
More information about the Tarantool-patches
mailing list