From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf1-f196.google.com (mail-pf1-f196.google.com [209.85.210.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 9B5BD452566 for ; Mon, 4 Nov 2019 20:23:36 +0300 (MSK) Received: by mail-pf1-f196.google.com with SMTP id c184so12715674pfb.0 for ; Mon, 04 Nov 2019 09:23:36 -0800 (PST) Date: Mon, 4 Nov 2019 20:23:32 +0300 From: Konstantin Osipov Message-ID: <20191104172332.GC29784@atlas> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [Tarantool-patches] [PATCH 3/3] session: su left dangling credentials object on stack List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Vladislav Shpilevoy Cc: tarantool-patches@dev.tarantool.org * Vladislav Shpilevoy [19/11/01 00:39]: > Box.session.su() worked like following: check user > existence, create its credentials on the stack, check > the function, call the function, destroy the > credentials, restore the old credentials. > > After creating the credentials on the stack the > function check could raise a Lua error. It led to the > credentials object not being destroyed. As a result, > user.credentials_list was pointing at invalid memory. > > Now there is no errors between creating the temporary > credentials and its destruction. lgtm -- Konstantin Osipov, Moscow, Russia