[Tarantool-patches] [PATCH 2/3] merger: fix NULL dereference when called via iproto
Vladislav Shpilevoy
v.shpilevoy at tarantool.org
Fri Jun 19 01:47:46 MSK 2020
Hi! Thanks for the fixes!
On 17/06/2020 19:53, Alexander Turenko wrote:
>>> Usage of the fiber-local Lua state is not quite correct now: merge
>>> source code may leave garbage on a stack in case of failures (like
>>
>> 1. merge -> merger.
>
> I use term 'merge source' for sources, we agreed on it with Vladimir D.,
> when the merger was designed. Removed 'code' to not confuse a reader:
> 'merge source code' -> 'a merge source'.
Exactly. I read it as 'source code', not 'merge source'. Now it is fine.
>>> + struct lua_State *L = luaT_newthread(tarantool_L);
>>> + if (L == NULL)
>>> + return NULL;
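Review bot: the bare `return NULL;` under `if (L == NULL)` does not show whether a diag is set on this path, and a caller that turns the failure into a Lua error depends on that. A one-line comment above the check stating that luaT_newthread() leaves a diag set on failure would document the contract this early return relies on. The quoted lines also do not show where the new thread is anchored or released, so it is worth confirming that every later exit path drops it.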
>>
>> 2. luaT_newthread() does not set a diag. That may lead to a crash,
>> because as far as I see, this function may be called
>> by lbox_merge_source_gen() indirectly, somewhere deep in the callstack.
>> And it calls luaT_error(), when merge_source_next() fails.
>
> As I see, it is not so.
>
> luaT_newthread_wrapper() may raise a Lua error (only 'not enough memory'
> I guess), luaT_cpcall() calls luaT_toerror() in this case, which invokes
> diag_set(LuajitError, <...>).
>
> Am I missing something?
You are right, all is fine here.