[Rpm-maint] [rpm-software-management/rpm] Make rpmluaCallStringFunction more robust (PR #1839)
Michael Schroeder
notifications at github.com
Mon Nov 22 09:50:31 UTC 2021
Doing the function lookup with calls to lua_getfield is dangerous
because the lookup might trigger an __index function that may
contain an error. This results in the lua library calling abort()
as no exception handler is set.
So change the code to do the lookup via a pcall(). Also do the
string conversion with a pcall() because tostring is also not
safe.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1839
-- Commit Summary --
* Make rpmluaCallStringFunction more robust
-- File Changes --
M rpmio/rpmlua.c (62)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/1839.patch
https://github.com/rpm-software-management/rpm/pull/1839.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1839
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20211122/12107708/attachment.html>
More information about the Rpm-maint
mailing list