Lus 1.6.2
- Fixed sealed code being able to `load` unverified precompiled bytecode.
- Fixed a read-only `fs:write` permission check being able to insert an entry into a sealed pledge store.
- Fixed `network.udp` sockets being able to `sendto` any host and port regardless of the granted `network:udp`.
- Fixed a use-after-free in which abandoned worker-pool threads could read a parent state’s freed pledge store during interpreter shutdown.
- Fixed `fs.createlink` pledge-checking only the link path and not the symlink target.
- Fixed an unanchored `fs` pledge pattern beginning with a wildcard matching files anywhere on the filesystem.
- Fixed `catch` leaking the interpreter’s C-call counter when a caught error unwound across a C-call boundary.
- Fixed a table slice with an enormous end index iterating for trillions of steps instead of failing.
- Fixed `vector.unpack` and `vector.unpackmany` reading past the end of a vector when unpacking an unterminated `z` string.
- Fixed `network.udp.open(port, address)` not enforcing value-scoped `network:udp` pledges for bound sockets.
- Fixed `network.fetch` truncating large HTTP request body lengths and send sizes through `int` casts.
- Fixed `network.fetch` accepting malformed or out-of-range URL ports.
- Fixed a stale `expdesc` initializer that caused a compiler warning after AST support was added.
- Fixed `network.udp` sockets being able to bind with `setsockname` outside their value-scoped `network:udp` pledge.
- Fixed `network:*` pledge values containing `host:port` never matching checks that included a port.
- Fixed TCP and UDP socket APIs truncating out-of-range ports before binding, connecting, or sending.
- Fixed `fromjson` accepting out-of-range integers and infinities instead of rejecting those numeric literals.
- Fixed `fromjson` direct table writes so they perform the required GC write barrier.
- Fixed `fromcsv` accepting junk after a quoted field and reinterpreting it as later CSV structure.
- Fixed TCP socket `send` chunking so large writes are never narrowed through an oversized `int`.
- Fixed gzip and deflate compression rejecting inputs and output bounds too large for zlib’s single-shot `uInt` fields.
- Fixed `vector.unpackmany` accepting negative offsets or counts as empty iterators.
- Fixed numeric CLI options such as `format --indent` and `--gc-pause` accepting trailing garbage.
- Fixed sealed `require` calls being able to load precompiled bytecode modules through `package.path`.
- Fixed sealed workers being able to load precompiled bytecode scripts after inheriting parent pledges.
- Fixed `network.fetch` accepting CA-trusted HTTPS certificates without verifying the requested hostname.
- Fixed `network.fetch` allowing carriage-return or line-feed characters in URL paths to reach the HTTP request line.
- Fixed gzip and deflate decompression looping forever on truncated no-progress input.
- Fixed `package.searchpath` probing file existence before checking value-scoped `fs:read` pledges.
- Fixed LZ4 and unknown-size zstd decompression accepting truncated frames as successful partial output.
- Fixed vector-returning archive compression and zstd decompression paths copying from closed `luaL_Buffer` storage.
- Fixed path-scoped `fs:write` pledges allowing pathless temp-file creation through `io.tmpfile` and `os.tmpname`.
- Fixed command-line `-P/--pledge` restrictions being applied only after `LUA_INIT`, `-e`, and `-l` code could run.
- Fixed `fromjson` accepting invalid object-key escapes and raw control characters, and rooted parsed strings across GC-capable table insertion.
- Fixed vector and enum construction windows where partially initialized or unrooted GC objects could be collected during emergency allocation.
- Fixed `network.fetch` response parsing for invalid or oversized lengths, truncated bodies, missing chunk terminators, and blocking read/write timeouts.
- Fixed `vector.pack`, `vector.unpack`, and `vector.unpackmany` bounds checks that could wrap on very large `cN` format sizes.
- Fixed `lus_revokepledge` turning scoped grants into global grants in the public C API.
- Fixed worker error paths double-unlocking the worker mutex after signaling waiting receivers.
- Removed a stale unused `vector.unpackmany` iterator-state typedef.