getnum in app/modules/struct.c potentially has an integer overflow if fmt is set too large. It might be triggered by running such lua statement: EVAL "struct.pack('>I2147483648', '10')" 0 It can be easily avoid by adding a bound check in getnum, and I'd like to open a PR for that if necessary.
getnum
inapp/modules/struct.c
potentially has an integer overflow iffmt
is set too large. It might be triggered by running such lua statement:EVAL "struct.pack('>I2147483648', '10')" 0
It can be easily avoid by adding a bound check ingetnum
, and I'd like to open a PR for that if necessary.