From e0ff67df53d0141688036ece17d592c58b77261d Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Wed, 23 Sep 2020 03:25:04 +0000
Subject: system/lua5.3: Patch CVE-2020-24370

---
 system/lua5.3/APKBUILD             | 10 +++++++---
 system/lua5.3/CVE-2020-24370.patch | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 3 deletions(-)
 create mode 100644 system/lua5.3/CVE-2020-24370.patch

diff --git a/system/lua5.3/APKBUILD b/system/lua5.3/APKBUILD
index 11e7b4e06..5786668d5 100644
--- a/system/lua5.3/APKBUILD
+++ b/system/lua5.3/APKBUILD
@@ -3,7 +3,7 @@ pkgname=lua5.3
 _pkgname=lua
 pkgver=5.3.5
 _luaver=${pkgname#lua}
-pkgrel=1
+pkgrel=2
 pkgdesc="Embeddable programming language"
 url="https://www.lua.org/"
 arch="all"
@@ -19,12 +19,15 @@ source="https://www.lua.org/ftp/$_pkgname-$pkgver.tar.gz
 	lua-5.3-module_paths.patch
 	linenoise.patch
 	CVE-2019-6706.patch
+	CVE-2020-24370.patch
 	"
 builddir="$srcdir/$_pkgname-$pkgver"
 
 # secfixes: lua
+#   5.3.5-r2:
+#     - CVE-2020-24370
 #   5.3.5-r1:
-#     - CVE-2019-6706.patch
+#     - CVE-2019-6706
 
 prepare() {
 	default_prepare
@@ -132,4 +135,5 @@ sha512sums="4f9516acc4659dfd0a9e911bfa00c0788f0ad9348e5724fe8fb17aac59e9c0060a64
 1bc6c623024c1738155b30ff9c0edcce0f336edc25aa20c3a1400c859421ea2015d75175cce8d515e055ac3e96028426b74812e04022af18a0ed4c4601556027  lua-5.3-make.patch
 bc68772390dc8d8940176af0b9fbacc0af61891b5d27de5f1466a4e7f9b3291a1c08ba5add829bc96b789a53fa5ec2dadaa096ca6eabe54ec27724fa2810940f  lua-5.3-module_paths.patch
 49880d1131b7bd2a3169a26f401769a91d9a6a62cefe68aa5a89097139289588b7ef753535a2d0ba7f45c0369c760554940fd810716b7b1353deace32432fcfe  linenoise.patch
-77755c083630d48404178012d5947230675311a15f0f5e30efa72004edf3124615fa9080b739240213c013efb015689e09ee653a41d560964a3df78a8fe0fd8d  CVE-2019-6706.patch"
+77755c083630d48404178012d5947230675311a15f0f5e30efa72004edf3124615fa9080b739240213c013efb015689e09ee653a41d560964a3df78a8fe0fd8d  CVE-2019-6706.patch
+0c28366d352e3e6660413d16c1deaa0b1c6070170c13d95ae7a48b6b39c728a16d3f2a6068f665b3ec3e17f4f69d006625af074a4ddb51c8f3845d567c0dd809  CVE-2020-24370.patch"
diff --git a/system/lua5.3/CVE-2020-24370.patch b/system/lua5.3/CVE-2020-24370.patch
new file mode 100644
index 000000000..0bfce24b1
--- /dev/null
+++ b/system/lua5.3/CVE-2020-24370.patch
@@ -0,0 +1,36 @@
+From b5bc89846721375fe30772eb8c5ab2786f362bf9 Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Mon, 3 Aug 2020 16:25:28 -0300
+Subject: [PATCH] Fixed bug: Negation overflow in getlocal/setlocal
+
+---
+ ldebug.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/ldebug.c b/ldebug.c
+index e1389296e..bb0e1d4ac 100644
+--- a/src/ldebug.c
++++ b/src/ldebug.c
+@@ -133,10 +133,11 @@ static const char *upvalname (Proto *p, int uv) {
+ 
+ static const char *findvararg (CallInfo *ci, int n, StkId *pos) {
+   int nparams = clLvalue(ci->func)->p->numparams;
+-  if (n >= cast_int(ci->u.l.base - ci->func) - nparams)
++  int nvararg = cast_int(ci->u.l.base - ci->func) - nparams;
++  if (n <= -nvararg)
+     return NULL;  /* no such vararg */
+   else {
+-    *pos = ci->func + nparams + n;
++    *pos = ci->func + nparams - n;
+     return "(*vararg)";  /* generic name for any vararg */
+   }
+ }
+@@ -148,7 +149,7 @@ static const char *findlocal (lua_State *L, CallInfo *ci, int n,
+   StkId base;
+   if (isLua(ci)) {
+     if (n < 0)  /* access to vararg values? */
+-      return findvararg(ci, -n, pos);
++      return findvararg(ci, n, pos);
+     else {
+       base = ci->u.l.base;
+       name = luaF_getlocalname(ci_func(ci)->p, n, currentpc(ci));
-- 
cgit v1.2.3-60-g2f50