From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 7E49546970F for ; Sat, 30 Nov 2019 00:36:25 +0300 (MSK) From: Maria Date: Sat, 30 Nov 2019 00:36:24 +0300 Message-Id: <20191129213624.35735-1-maria.khaydich@tarantool.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [Tarantool-patches] [PATCH] Stack use after scope List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: tarantool-patches@dev.tarantool.org, georgy@tarantool.org Json decode method allocated serializer struct on stack and referenced it after scope. Thanks to @Korablev77 for the initial investigation. Closes #4637 --- third_party/lua-cjson/lua_cjson.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/third_party/lua-cjson/lua_cjson.c b/third_party/lua-cjson/lua_cjson.c index 3d7edbf28..3d25814f3 100644 --- a/third_party/lua-cjson/lua_cjson.c +++ b/third_party/lua-cjson/lua_cjson.c @@ -1005,10 +1005,10 @@ static int json_decode(lua_State *l) "expected 1 or 2 arguments"); if (lua_gettop(l) == 2) { - struct luaL_serializer user_cfg = *luaL_checkserializer(l); - luaL_serializer_parse_options(l, &user_cfg); + struct luaL_serializer *user_cfg = luaL_checkserializer(l); + luaL_serializer_parse_options(l, user_cfg); lua_pop(l, 1); - json.cfg = &user_cfg; + json.cfg = user_cfg; } else { json.cfg = luaL_checkserializer(l); } -- 2.20.1 (Apple Git-117)