From a68385b1043a2041390f65ce5cf9ed434af5e95d Mon Sep 17 00:00:00 2001 From: pixel Date: Wed, 25 Jul 2007 16:54:32 +0000 Subject: Upgrading to Lua-5.0.3 --- lib/lua/src/lvm.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'lib/lua/src/lvm.c') diff --git a/lib/lua/src/lvm.c b/lib/lua/src/lvm.c index 5c6620a..5103140 100644 --- a/lib/lua/src/lvm.c +++ b/lib/lua/src/lvm.c @@ -1,5 +1,5 @@ /* -** $Id: lvm.c,v 1.9 2006-02-09 16:57:30 pixel Exp $ +** $Id: lvm.c,v 1.10 2007-07-25 16:54:32 pixel Exp $ ** Lua virtual machine ** See Copyright Notice in lua.h */ @@ -341,15 +341,15 @@ void luaV_concat (lua_State *L, int total, int last) { luaG_concaterror(L, top-2, top-1); } else if (tsvalue(top-1)->tsv.len > 0) { /* if len=0, do nothing */ /* at least two string values; get as many as possible */ - lu_mem tl = cast(lu_mem, tsvalue(top-1)->tsv.len) + - cast(lu_mem, tsvalue(top-2)->tsv.len); + size_t tl = tsvalue(top-1)->tsv.len; char *buffer; int i; - while (n < total && tostring(L, top-n-1)) { /* collect total length */ - tl += tsvalue(top-n-1)->tsv.len; - n++; + /* collect total length */ + for (n = 1; n < total && tostring(L, top-n-1); n++) { + size_t l = tsvalue(top-n-1)->tsv.len; + if (l >= MAX_SIZET - tl) luaG_runerror(L, "string length overflow"); + tl += l; } - if (tl > MAX_SIZET) luaG_runerror(L, "string size overflow"); buffer = luaZ_openspace(L, &G(L)->buff, tl); tl = 0; for (i=n; i>0; i--) { /* concat all strings */ -- cgit v1.2.3