[1.12.2] Regression in 1.8.4 related to OpenOS exception handling
RealityAnomaly opened this issue ยท 2 comments
In 1.8.4, when I cause an exception to be thrown in OpenOS, occasionally the console will be spammed with text, which boils down to the following error: /lib/process.lua:63: in function </lib/process.lua:59>attempt to yield across a C-call boundary
.
This does not happen in 1.8.3, but it requires a fresh install of OpenOS, for unknown reasons. This commit 9d4f7ea looks potentially suspicious as a cause for the problem as it was introduced in 1.8.4.
And also, can you tell me a bit more about the circumstances (MC version, progamm running...), so I can attempt to reproduce ?
I agree with you. It is certainly caused by resolving GHSA-54j4-xpgj-cq4g, after all it is something solved in OC 1.8.4 and it affected also pcall / xpcall. Knowing these functions are used for error handling, it wouldn't surprise me if it was the cause, but the problem is that it resolved a security issue allowing to DDoS a server by throwing an exception...