From d92a2ca2a43c68854011e2f84ce0a75802d854be Mon Sep 17 00:00:00 2001 From: Benoit Germain Date: Mon, 20 Jan 2014 15:34:25 +0100 Subject: Turn potential malicious-crafted code crashes into normal Lua errors * bump version to 3.8.1 * new function lane:get_debug_threadname() * Fix invalid memory accesses when fetching the name of a joined lane with lanes:threads() (because its lua_State is closed) * use luaL_newmetatable() to create the metatable for lane objects * prevent malicious code from crashing by calling lane methods without passing the lane as first argument (raise an error instead) * set_debug_threadname() is no longer registered in the function lookup databases because it holds a C pointer as upvalue and it might crash if used maliciously --- CHANGES | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'CHANGES') diff --git a/CHANGES b/CHANGES index 3639295..d1c4913 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,13 @@ CHANGES: +CHANGE 92: BGe 20-Jan-14 + * version 3.8.1 + * new function lane:get_debug_threadname() + * Fix invalid memory accesses when fetching the name of a joined lane with lanes:threads() (because its lua_State is closed) + * use luaL_newmetatable() to create the metatable for lane objects + * prevent malicious code from crashing by calling lane methods without passing the lane as first argument (raise an error instead) + * set_debug_threadname() is no longer registered in the function lookup databases because it holds a C pointer as upvalue and it might crash if used maliciously + CHANGE 91: BGe 20-Jan-14 * version 3.8.0 * linda:set() accepts multiple values to set in the specified slot -- cgit v1.2.3-55-g6feb