From 303f4155593721dfd57dadc6e56122e465ce9efb Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy
Date: Fri, 18 Jul 2025 16:18:30 -0300
Subject: Randomness added to table length computation

A bad actor could fill only a few entries in a table (power of twos in decreasing order, see tests) and produce a small table with a huge length. If your program builds a table with external data and iterates over its length, this behavior could be an issue.
---
lobject.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'lobject.c')

diff --git a/lobject.c b/lobject.c
index 5c270b27..b558cfe0 100644
--- a/lobject.c
+++ b/lobject.c
@@ -31,7 +31,8 @@
 /*
-** Computes ceil(log2(x))
+** Computes ceil(log2(x)), which is the smallest integer n such that
+** x <= (1 << n).
 */
 lu_byte luaO_ceillog2 (unsigned int x) {
 static const lu_byte log_2[256] = { /* log_2[i - 1] = ceil(log2(i)) */
--
cgit v1.2.3-55-g6feb
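Review bot: The rewritten comment above luaO_ceillog2 defines the result by `x <= (1 << n)` but does not give the domain of that definition. Read as C, `1 << n` is undefined once n reaches the width of int, which the `unsigned int x` parameter allows for large x, and the comment does not say what is returned for x == 0. Because the commit message concerns table sizes derived from external data, callers benefit from an exact contract, for example `** Computes ceil(log2(x)): the smallest integer n such that x <= 2^n` followed by one line saying the power is mathematical rather than a C shift and stating the result for x == 0. The function body lies outside the hunk, so the x == 0 behaviour has to be confirmed against it before the comment is written.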