From ad4fc4e2d2b9be76305a9bdef52a643ec2d2d1d3 Mon Sep 17 00:00:00 2001
From: Dibyendu Majumdar <mobile@majumdar.org.uk>
Date: Sun, 14 Feb 2021 21:53:06 +0000
Subject: [PATCH] issue #207 check size more carefully when creating a slice

---
 src/lapi.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/lapi.c b/src/lapi.c
index 6613700..9eac09a 100644
--- a/src/lapi.c
+++ b/src/lapi.c
@@ -900,7 +900,8 @@ LUA_API void ravi_create_slice(lua_State *L, int idx, unsigned int start,
     goto done;
   }
   RaviArray *orig = arrvalue(parent);
-  if (start < 1 || start + len > orig->len) {
+  unsigned int slice_len = start + len;
+  if (start < 1 || slice_len <= start || slice_len > orig->len) {
     errmsg = "cannot create a slice of given bounds";
     goto done;
   }
@@ -914,9 +915,10 @@ LUA_API void ravi_create_slice(lua_State *L, int idx, unsigned int start,
   api_incr_top(L);
   luaC_checkGC(L);
 done:
-  lua_unlock(L);
   if (errmsg)
     luaG_runerror(L, errmsg);
+  else
+    lua_unlock(L);
 }
 
 LUA_API int lua_getmetatable (lua_State *L, int objindex) {