From 564addcb727bfb3dd46507ec824f11c20c6bb861 Mon Sep 17 00:00:00 2001
From: Aurelien DARRAGON
Date: Wed, 24 Jan 2024 16:10:55 +0100
Subject: [PATCH] BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var()
As raised by Coverity in GH #2223, f034139bc0 ("MINOR: lua: Allow reading "proc." scoped vars from LUA core.") causes uninitialized reads due to smp being passed to vars_get_by_name() without being initialized first. Indeed, vars_get_by_name() tries to read smp->sess and smp->strm pointers. As we're only interested in the PROC var scope, it is safe to call vars_get_by_name() with sess and strm pointers set to NULL, thus we simply memset smp prior to calling vars_get_by_name() to fix the issue. This should be backported in 2.9 with f034139bc0.
---
 src/hlua.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/hlua.c b/src/hlua.c
index 008f6726f..8f6f98866 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -2026,6 +2026,7 @@ static int hlua_set_map(lua_State *L)
 if (len < 5 || strncmp(name, "proc.", 5) != 0)
 WILL_LJMP(luaL_error(L, "'get_var': Only 'proc.' scope allowed to be retrieved in 'core.get_var()'."));
+ memset(&smp, 0, sizeof(smp));
 if (!vars_get_by_name(name, len, &smp, NULL)) {
 lua_pushnil(L);
 return 1;
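Review bot: The added `memset(&smp, 0, sizeof(smp));` has no comment, yet its safety rests on the `proc.` prefix check two lines above it. According to the commit message, vars_get_by_name() reads smp->sess and smp->strm, and NULL is acceptable there only because the lookup is limited to the PROC scope. I would put a comment on the memset line, for example `/* zero smp: vars_get_by_name() reads smp->sess and smp->strm; NULL is only valid for the proc scope */`, so that a later change relaxing the scope check does not silently pass NULL session and stream pointers into the lookup. The enclosing function starts and ends outside the hunk, so the declaration of smp and its later uses cannot be checked from here.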