Fix potential vulnerable cloned function

[npt-1707]

Hi Development Team,

I identified a potential vulnerability in a clone function luaG_runerror() in depends/lua/src/ldebug.c sourced from lua/lua. This issue, originally reported in CVE-2022-33099, was resolved in the repository via this commit lua/lua@42d4058.

This PR applies the corresponding patch to fix the vulnerabilities in this codebase.

Please review at your convenience. Thank you!

[silverwing235]

Duplicate of #5465

[ab9rf]

This isn't a duplicate of #5465; however, the patch is based on a change in 5.4 and as we're on 5.3 I am not going to blithely apply it without more information. Given the low importance of this change, I'm not inclined to put out a lot of effort doing this.

Let me also point out that this is a buffer overrun, which in our context would mean that a Lua script author could potentially use this to run local code. As a Lua script author already has the unlimited ability to run local code anyway, all this amounts to is that there is a small risk that extremely stupid Lua code could cause an application crash. Obviously, this is not something we care all that terribly much about, and so the effort that we'll go to to investigate whether this change is worth applying is very limited.

I'm therefore not recommend this be merged until someone has confirmed that the change proposed is appropriate for Lua 5.3, either by examining the differential between 5.3 and 5.4, or by testing it on our platform. I very much doubt that the OP has done either of these things.