Shulou(Shulou.com)05/31 Report--

This article will explain in detail the example analysis of Lua v5.4.0 and previous versions of lsys_load () stack overflow vulnerabilities. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

Vulnerability description

Lua is a lightweight scripting language written in the standard C language and open in source code.

The Lua v5.4.0 and previous versions of lsys_load () function did not correctly handle the length of the file name when loading the dynamic link library, resulting in a stack overflow vulnerability and a denial of service problem.

Affect the version

Lua crash if (lib = = NULL) lua_pushstring (L, dlerror ()); return lib;} repair recommendation

Limit the length of a dynamic link library when loading it.

On "Lua v5.4.0 and previous versions of lsys_load () stack overflow vulnerability example analysis" this article is shared here, I hope the above content can be of some help to you, so that you can learn more knowledge, if you think the article is good, please share it out for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.