!50 【轻量级 PR】：Fix bad date in changelog

From: @zhangshaoning_uniontech 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen

0001-luajit-add-secure-compile-option-fstack.patch

@@ -0,0 +1,21 @@
+diff -Nur LuaJIT-2.1.0-beta3/src/Makefile LuaJIT-2.1.0-beta3-new/src/Makefile
+--- LuaJIT-2.1.0-beta3/src/Makefile	2017-05-02 03:05:00.000000000 +0800
++++ LuaJIT-2.1.0-beta3-new/src/Makefile	2021-05-25 17:24:07.075839335 +0800
+@@ -217,7 +217,7 @@
+ TARGET_DYLIBNAME= libluajit-$(ABIVER).$(MAJVER).dylib
+ TARGET_DYLIBPATH= $(TARGET_LIBPATH)/$(TARGET_DYLIBNAME)
+ TARGET_DLLNAME= lua$(NODOTABIVER).dll
+-TARGET_XSHLDFLAGS= -shared -fPIC -Wl,-soname,$(TARGET_SONAME)
++TARGET_XSHLDFLAGS= -shared -fstack-protector-strong -fPIC -Wl,-soname,$(TARGET_SONAME)
+ TARGET_DYNXLDOPTS=
+ 
+ TARGET_LFSFLAGS= -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+@@ -309,7 +309,7 @@
+   TARGET_DYNXLDOPTS=
+ else
+ ifeq (,$(shell $(TARGET_CC) -o /dev/null -c -x c /dev/null -fno-stack-protector 2>/dev/null || echo 1))
+-  TARGET_XCFLAGS+= -fno-stack-protector
++  TARGET_XCFLAGS+=
+ endif
+ ifeq (Darwin,$(TARGET_SYS))
+   ifeq (,$(MACOSX_DEPLOYMENT_TARGET))

CVE-2020-15890.patch

@@ -0,0 +1,27 @@
+From 53f82e6e2e858a0a62fd1a2ff47e9866693382e6 Mon Sep 17 00:00:00 2001
+From: Mike Pall <mike>
+Date: Sun, 12 Jul 2020 14:30:34 +0200
+Subject: [PATCH] Fix frame traversal for __gc handler frames.
+
+Reported by Changochen.
+
+Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>
+---
+ src/lj_err.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/lj_err.c b/src/lj_err.c
+index caa7487..e3e0c2e 100644
+--- a/src/lj_err.c
++++ b/src/lj_err.c
+@@ -529,6 +529,7 @@ static ptrdiff_t finderrfunc(lua_State *L)
+       if (cframe_canyield(cf)) return 0;
+       if (cframe_errfunc(cf) >= 0)
+ 	return cframe_errfunc(cf);
++      cf = cframe_prev(cf);
+       frame = frame_prevd(frame);
+       break;
+     case FRAME_PCALL:
+-- 
+1.8.3.1
+

CVE-2020-24372-1.patch

@@ -0,0 +1,22 @@
+From 12ab596997b9cb27846a5b254d11230c3f9c50c8 Mon Sep 17 00:00:00 2001
+From: Mike Pall <mike>
+Date: Sun, 9 Aug 2020 18:08:38 +0200
+Subject: [PATCH] Fix handling of errors during snapshot restore.
+
+---
+ src/lj_trace.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lj_trace.c b/src/lj_trace.c
+index 311baa73c..123e6eb83 100644
+--- a/src/lj_trace.c
++++ b/src/lj_trace.c
+@@ -701,6 +701,8 @@ static TValue *trace_exit_cp(lua_State *L, lua_CFunction dummy, void *ud)
+ {
+   ExitDataCP *exd = (ExitDataCP *)ud;
+   cframe_errfunc(L->cframe) = -1;  /* Inherit error function. */
++  /* Always catch error here. */
++  cframe_nres(L->cframe) = -2*LUAI_MAXSTACK*(int)sizeof(TValue);
+   exd->pc = lj_snap_restore(exd->J, exd->exptr);
+   UNUSED(dummy);
+   return NULL;

CVE-2020-24372-2.patch

@@ -0,0 +1,196 @@
+From e296f56b825c688c3530a981dc6b495d972f3d01 Mon Sep
+From: Mike Pall <mike>
+Date: Sun, 9 Aug 2020 22:50:31 +0200
+Subject: [PATCH] Call error function on rethrow after trace exit.
+
+---
+ src/lj_debug.c     | 1 +
+ src/lj_dispatch.h  | 2 +-
+ src/lj_err.c       | 2 +-
+ src/lj_err.h       | 2 +-
+ src/lj_trace.c     | 4 ++--
+ src/vm_arm.dasc    | 2 +-
+ src/vm_arm64.dasc  | 3 +--
+ src/vm_mips.dasc   | 5 ++---
+ src/vm_mips64.dasc | 5 ++---
+ src/vm_ppc.dasc    | 3 +--
+ src/vm_x64.dasc    | 4 +---
+ src/vm_x86.dasc    | 4 +---
+ 12 files changed, 15 insertions(+), 22 deletions(-)
+
+diff --git a/src/lj_debug.c b/src/lj_debug.c
+index 959dc28..e6780dc 100644
+--- a/src/lj_debug.c
++++ b/src/lj_debug.c
+@@ -93,6 +93,7 @@ static BCPos debug_framepc(lua_State *L, GCfunc *fn, cTValue *nextframe)
+ 	}
+       }
+       ins = cframe_pc(cf);
++      if (!ins) return NO_BCPOS;
+     }
+   }
+   pt = funcproto(fn);
+diff --git a/src/lj_dispatch.h b/src/lj_dispatch.h
+index 5bda51a..addf557 100644
+--- a/src/lj_dispatch.h
++++ b/src/lj_dispatch.h
+@@ -46,7 +46,7 @@ extern double __divdf3(double a, double b);
+   _(asin) _(acos) _(atan) _(sinh) _(cosh) _(tanh) _(frexp) _(modf) _(atan2) \
+   _(pow) _(fmod) _(ldexp) _(lj_vm_modi) \
+   _(lj_dispatch_call) _(lj_dispatch_ins) _(lj_dispatch_stitch) \
+-  _(lj_dispatch_profile) _(lj_err_throw) \
++  _(lj_dispatch_profile) _(lj_err_throw) _(lj_err_run) \
+   _(lj_ffh_coroutine_wrap_err) _(lj_func_closeuv) _(lj_func_newL_gc) \
+   _(lj_gc_barrieruv) _(lj_gc_step) _(lj_gc_step_fixtop) _(lj_meta_arith) \
+   _(lj_meta_call) _(lj_meta_cat) _(lj_meta_comp) _(lj_meta_equal) \
+diff --git a/src/lj_err.c b/src/lj_err.c
+index b520b3d..c310daf 100644
+--- a/src/lj_err.c
++++ b/src/lj_err.c
+@@ -602,7 +602,7 @@ static ptrdiff_t finderrfunc(lua_State *L)
+ }
+ 
+ /* Runtime error. */
+-LJ_NOINLINE void lj_err_run(lua_State *L)
++LJ_NOINLINE void LJ_FASTCALL lj_err_run(lua_State *L)
+ {
+   ptrdiff_t ef = finderrfunc(L);
+   if (ef) {
+diff --git a/src/lj_err.h b/src/lj_err.h
+index cba5fb7..aa4b7e0 100644
+--- a/src/lj_err.h
++++ b/src/lj_err.h
+@@ -23,7 +23,7 @@ LJ_DATA const char *lj_err_allmsg;
+ LJ_FUNC GCstr *lj_err_str(lua_State *L, ErrMsg em);
+ LJ_FUNCA_NORET void LJ_FASTCALL lj_err_throw(lua_State *L, int errcode);
+ LJ_FUNC_NORET void lj_err_mem(lua_State *L);
+-LJ_FUNC_NORET void lj_err_run(lua_State *L);
++LJ_FUNCA_NORET void LJ_FASTCALL lj_err_run(lua_State *L);
+ LJ_FUNC_NORET void lj_err_msg(lua_State *L, ErrMsg em);
+ LJ_FUNC_NORET void lj_err_lex(lua_State *L, GCstr *src, const char *tok,
+ 			      BCLine line, ErrMsg em, va_list argp);
+diff --git a/src/lj_trace.c b/src/lj_trace.c
+index 797f010..07a6d6d 100644
+--- a/src/lj_trace.c
++++ b/src/lj_trace.c
+@@ -782,8 +782,8 @@ typedef struct ExitDataCP {
+ static TValue *trace_exit_cp(lua_State *L, lua_CFunction dummy, void *ud)
+ {
+   ExitDataCP *exd = (ExitDataCP *)ud;
+-  cframe_errfunc(L->cframe) = -1;  /* Inherit error function. */
+-  /* Always catch error here. */
++  /* Always catch error here and don't call error function. */
++  cframe_errfunc(L->cframe) = 0;
+   cframe_nres(L->cframe) = -2*LUAI_MAXSTACK*(int)sizeof(TValue);
+   exd->pc = lj_snap_restore(exd->J, exd->exptr);
+   UNUSED(dummy);
+diff --git a/src/vm_arm.dasc b/src/vm_arm.dasc
+index 780cc16..5d686c5 100644
+--- a/src/vm_arm.dasc
++++ b/src/vm_arm.dasc
+@@ -2246,7 +2246,7 @@ static void build_subroutines(BuildCtx *ctx)
+   |9:  // Rethrow error from the right C frame.
+   |  rsb CARG2, CARG1, #0
+   |  mov CARG1, L
+-  |  bl extern lj_err_throw		// (lua_State *L, int errcode)
++  |  bl extern lj_err_run		// (lua_State *L)
+   |.endif
+   |
+   |//-----------------------------------------------------------------------
+diff --git a/src/vm_arm64.dasc b/src/vm_arm64.dasc
+index 3eaf376..927f27d 100644
+--- a/src/vm_arm64.dasc
++++ b/src/vm_arm64.dasc
+@@ -2033,9 +2033,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |  b <2
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  neg CARG2, CARG1
+   |  mov CARG1, L
+-  |  bl extern lj_err_throw		// (lua_State *L, int errcode)
++  |  bl extern lj_err_run		// (lua_State *L)
+   |.endif
+   |
+   |//-----------------------------------------------------------------------
+diff --git a/src/vm_mips.dasc b/src/vm_mips.dasc
+index 1afd611..b405ef4 100644
+--- a/src/vm_mips.dasc
++++ b/src/vm_mips.dasc
+@@ -2512,9 +2512,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |.  addu RA, RA, BASE
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  load_got lj_err_throw
+-  |  negu CARG2, CRET1
+-  |  call_intern lj_err_throw		// (lua_State *L, int errcode)
++  |  load_got lj_err_run
++  |  call_intern lj_err_run            // (lua_State *L)
+   |.  move CARG1, L
+   |.endif
+   |
+diff --git a/src/vm_mips64.dasc b/src/vm_mips64.dasc
+index c06270a..59acc74 100644
+--- a/src/vm_mips64.dasc
++++ b/src/vm_mips64.dasc
+@@ -2470,9 +2470,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |.  daddu RA, RA, BASE
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  load_got lj_err_throw
+-  |  negu CARG2, CRET1
+-  |  call_intern lj_err_throw		// (lua_State *L, int errcode)
++  |  load_got lj_err_run
++  |  call_intern lj_err_run            // (lua_State *L)
+   |.  move CARG1, L
+   |.endif
+   |
+diff --git a/src/vm_ppc.dasc b/src/vm_ppc.dasc
+index b4260eb..f8d3633 100644
+--- a/src/vm_ppc.dasc
++++ b/src/vm_ppc.dasc
+@@ -2706,9 +2706,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |  bctr
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  neg CARG2, CARG1
+   |  mr CARG1, L
+-  |  bl extern lj_err_throw		// (lua_State *L, int errcode)
++  |  bl extern lj_err_run              // (lua_State *L)
+   |.endif
+   |
+   |//-----------------------------------------------------------------------
+diff --git a/src/vm_x64.dasc b/src/vm_x64.dasc
+index a003fb4..379af6d 100644
+--- a/src/vm_x64.dasc
++++ b/src/vm_x64.dasc
+@@ -2509,10 +2509,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |  jmp <2
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  neg RD
+   |  mov CARG1, L:RB
+-  |  mov CARG2, RD
+-  |  call extern lj_err_throw		// (lua_State *L, int errcode)
++  |  call extern lj_err_run          // (lua_State *L)
+   |.endif
+   |
+   |//-----------------------------------------------------------------------
+diff --git a/src/vm_x86.dasc b/src/vm_x86.dasc
+index 211ae7b..5ecb277 100644
+--- a/src/vm_x86.dasc
++++ b/src/vm_x86.dasc
+@@ -2960,10 +2960,8 @@ static void build_subroutines(BuildCtx *ctx)
+   |  jmp <2
+   |
+   |9:  // Rethrow error from the right C frame.
+-  |  neg RD
+   |  mov FCARG1, L:RB
+-  |  mov FCARG2, RD
+-  |  call extern lj_err_throw@8		// (lua_State *L, int errcode)
++  |  call extern lj_err_run@4          // (lua_State *L)
+   |.endif
+   |
+   |//-----------------------------------------------------------------------
+-- 
+2.23.0
+

luajit.spec

@@ -2,14 +2,19 @@
 
 Name:           luajit
 Version:        2.1.0
-Release:        0.9beta3
+Release:        5
 Summary:        Just-In-Time Compiler for Lua
 License:        MIT
 URL:            http://luajit.org/
 Source0:        http://luajit.org/download/LuaJIT-2.1.0-beta3.tar.gz
+Patch0:         CVE-2020-15890.patch
+Patch1:         CVE-2020-24372-1.patch
+Patch2:         CVE-2020-24372-2.patch
+Patch3:		0001-luajit-add-secure-compile-option-fstack.patch
 
 ExclusiveArch:  %{arm} %{ix86} x86_64 %{mips} aarch64
 
+BuildRequires:  gcc
 BuildRequires:  make
 
 %description
@@ -71,5 +76,20 @@ ln -s luajit-2.1.0-beta3 %{buildroot}%{_bindir}/luajit
 %{_mandir}/man1/%{name}.1*
 
 %changelog
+* Tue Jul 23 2024 zhangshaoning <zhangshaoning@uniontech.com> - 2.1.0-5
+- Fix bad date in changelog
+
+* Wed Jun 30 2021 liuyumeng <liuyumeng5@huawei.com> - 2.1.0-4
+- add BuildRequires: gcc
+
+* Mon May 24 2021 zhangyao <zhangyao@outlook.com> - 2.1.0-3
+- add secure compile option -fstack-protector-strong
+
+* Mon Feb 8 2021 zhanghua <zhanghua40@huawei.com> - 2.1.0-2
+- fix CVE-2020-24372
+
+* Mon Jan 11 2021 zhangatao <zhangtao221@huawei.com> - 2.1.0-1
+- fix CVE-2020-15890
+
 * Sun Mar 15 2020 zhangatao <zhangtao221@huawei.com> - 2.1.0-0.8beta3
 - package init