From efddc2309c5ff8a1842bea8a9c0d7d4a5d6e1e60 Mon Sep 17 00:00:00 2001
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Date: Wed, 1 Apr 2026 15:01:58 -0300
Subject: [PATCH] Bug: wrong initialization in result from 'gmatch'

Function returned by 'string.gmatch' can be left in an inconsistent
state after an error.
---
 lstrlib.c     | 10 ++++++++--
 testes/pm.lua | 10 ++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/lstrlib.c b/lstrlib.c
index 874cec80..dd3c0fd0 100644
--- a/lstrlib.c
+++ b/lstrlib.c
@@ -757,19 +757,25 @@ static int nospecials (const char *p, size_t l) {
 }
 
 
+/*
+** Prepare state for matches. These fields are not affected by each match.
+*/
 static void prepstate (MatchState *ms, lua_State *L,
                        const char *s, size_t ls, const char *p, size_t lp) {
   ms->L = L;
-  ms->matchdepth = MAXCCALLS;
   ms->src_init = s;
   ms->src_end = s + ls;
   ms->p_end = p + lp;
 }
 
 
+/*
+** (Re)prepare state for a match, setting fields that change during
+** each match.
+*/
 static void reprepstate (MatchState *ms) {
+  ms->matchdepth = MAXCCALLS;
   ms->level = 0;
-  lua_assert(ms->matchdepth == MAXCCALLS);
 }
 
 
diff --git a/testes/pm.lua b/testes/pm.lua
index 720d2a35..feab33db 100644
--- a/testes/pm.lua
+++ b/testes/pm.lua
@@ -347,6 +347,16 @@ do   -- init parameter in gmatch
 end
 
 
+do  -- bug since 5.3
+  local N = 20000
+  local iter = string.gmatch(string.rep("a", N), string.rep("a?", N))
+  pcall(iter)   -- error for pattern too complex
+  -- calling function again found recursion count ('matchdepth') equal
+  -- to -1, so it did not detect next C-stack overflow
+  pcall(iter)
+end
+
+
 -- tests for `%f' (`frontiers')
 
 assert(string.gsub("aaa aa a aaa a", "%f[%w]a", "x") == "xaa xa x xaa x")