[MediaWiki-commits] [Gerrit] Don't leak zvals when a timeout is hit - change (mediawiki...luasandbox)

Wed, 06 Mar 2013 21:53:36 -0800 

Tim Starling has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/52585


Change subject: Don't leak zvals when a timeout is hit
......................................................................

Don't leak zvals when a timeout is hit

The unit tests for I1188123 hit this bug. On timeout, execution returns
to PHP with the timed_out flag set. Then when the LuaSandbox object is
destroyed, lua_close() is called, which calls
luasandbox_free_zval_userdata() for each zval stored in the state. This
in turn calls luasandbox_enter_php(), which causes a call to lua_error()
if the timed_out flag is set, aborting the __gc metamethod without
freeing the reference.

The fix ignores the timed_out flag during userdata destruction.

Change-Id: I30b98cc8577b31f2b51d611bf195493e19971ad8
---
M data_conversion.c
M php_luasandbox.h
2 files changed, 14 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/php/luasandbox 
refs/changes/85/52585/1

diff --git a/data_conversion.c b/data_conversion.c
index b151473..85f62df 100644
--- a/data_conversion.c
+++ b/data_conversion.c
@@ -113,7 +113,10 @@
 {
        zval ** zpp = (zval**)lua_touserdata(L, 1);
        php_luasandbox_obj * intern = luasandbox_get_php_obj(L);
-       luasandbox_enter_php(L, intern);
+
+       // Don't abort if the request has timed out, we need to be able to 
clean up
+       luasandbox_enter_php_ignore_timeouts(L, intern);
+
        if (zpp && *zpp) {
                zval_ptr_dtor(zpp);
        }
diff --git a/php_luasandbox.h b/php_luasandbox.h
index 0af7c25..d31ac01 100644
--- a/php_luasandbox.h
+++ b/php_luasandbox.h
@@ -88,6 +88,16 @@
 }
 /* }}} */
 
+/**
+ * {{ luasandbox_enter_php_ignore_timeouts
+ *
+ * Like luasandbox_enter_php except that no error is raised if a timeout has 
occurred
+ */
+static inline void luasandbox_enter_php_ignore_timeouts(lua_State * L, 
php_luasandbox_obj * intern)
+{
+       intern->in_php ++;
+}
+
 /** {{{ luasandbox_leave_php
  *
  * This function must be called after luasandbox_enter_php, before the 
callback 

-- 
To view, visit https://gerrit.wikimedia.org/r/52585
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I30b98cc8577b31f2b51d611bf195493e19971ad8
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/php/luasandbox
Gerrit-Branch: master
Gerrit-Owner: Tim Starling <tstarl...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to