Any val_args functions with side-effects is unsafe for use in the Lua
context, and previously this stopped them from having object methods
created except where explicitly whitelisted (val_payload_lv, val_hdr).
Using the new val_args_flags field, we can track which sample
fetches/converters are safe, without having to explicitly whitelist in
the lua codebase.
Before any val_args function is used, the val_args_flags field is
checked as an additional safety measure.
The following fetch/converters are now available from Lua:
- 51d.all (51d_all)
- 51d.single (51d_all)
- distcc_body
- distcc_param
- bool
- meth
- json
- field
- word
- regsub
Initial-Discovery: Yue Zhu <y...@digitalocean.com>
Signed-off-by: Robin H. Johnson <robb...@gentoo.org>
Signed-off-by: Robin H. Johnson <rjohn...@digitalocean.com>
---
src/hlua.c | 28 +++++++++++++++++++---------
1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/src/hlua.c b/src/hlua.c
index a9d126b53..6ddfed4b3 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -3299,9 +3299,14 @@ __LJMP static int hlua_run_sample_fetch(lua_State *L)
MAY_LJMP(hlua_lua2arg_check(L, 2, args, f->arg_mask, hsmp->p));
/* Run the special args checker. */
- if (f->val_args && !f->val_args(args, NULL)) {
- lua_pushfstring(L, "error in arguments");
- WILL_LJMP(lua_error(L));
+ if (f->val_args) {
+ if (unlikely(f->val_args_flags != SMP_VAL_ARGS_F_SAFE)) {
+ lua_pushfstring(L, "argument validation is unsafe");
+ WILL_LJMP(lua_error(L));
+ } else if(!f->val_args(args, NULL)) {
+ lua_pushfstring(L, "error in arguments");
+ WILL_LJMP(lua_error(L));
+ }
}
/* Initialise the sample. */
@@ -3405,9 +3410,14 @@ __LJMP static int hlua_run_sample_conv(lua_State *L)
MAY_LJMP(hlua_lua2arg_check(L, 3, args, conv->arg_mask, hsmp->p));
/* Run the special args checker. */
- if (conv->val_args && !conv->val_args(args, conv, "", 0, NULL)) {
- hlua_pusherror(L, "error in arguments");
- WILL_LJMP(lua_error(L));
+ if (conv->val_args) {
+ if (unlikely(conv->val_args_flags != SMP_VAL_ARGS_F_SAFE)) {
+ lua_pushfstring(L, "argument validation is unsafe");
+ WILL_LJMP(lua_error(L));
+ } else if (!conv->val_args(args, conv, "", 0, NULL)) {
+ hlua_pusherror(L, "error in arguments");
+ WILL_LJMP(lua_error(L));
+ }
}
/* Initialise the sample. */
@@ -7668,8 +7678,7 @@ void hlua_init(void)
* not safe during the runtime.
*/
if ((sf->val_args != NULL) &&
- (sf->val_args != val_payload_lv) &&
- (sf->val_args != val_hdr))
+ (sf->val_args_flags != SMP_VAL_ARGS_F_SAFE))
continue;
/* gL.Tua doesn't support '.' and '-' in the function names,
replace it
@@ -7714,7 +7723,8 @@ void hlua_init(void)
/* Dont register the keywork if the arguments check function are
* not safe during the runtime.
*/
- if (sc->val_args != NULL)
+ if ((sc->val_args != NULL) &&
+ (sc->val_args_flags != SMP_VAL_ARGS_F_SAFE))
continue;
/* gL.Tua doesn't support '.' and '-' in the function names,
replace it
--
2.18.0
