mirror of
				https://git.proxmox.com/git/mirror_zfs
				synced 2025-10-26 07:16:23 +00:00 
			
		
		
		
	lua: add flex array field to TString type
Linux 6.10+ with CONFIG_FORTIFY_SOURCE notices memcpy() accessing past the end of TString, because it has no indication that there there may be an additional allocation there. There's no appropriate upstream change for this (ancient) version of Lua, so this is the narrowest change I could come up with to add a flex array field to the end of TString to satisfy the check. It's loosely based on changes from lua/lua@ca41b43f and lua/lua@9514abc2. Sponsored-by: https://despairlabs.com/sponsor/ Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Rob Norris <robn@despairlabs.com> Closes #16541 Closes #16583
This commit is contained in:
		
							parent
							
								
									5591505299
								
							
						
					
					
						commit
						c84a37ae93
					
				| @ -404,7 +404,8 @@ typedef TValue *StkId;  /* index to stack elements */ | |||||||
| /*
 | /*
 | ||||||
| ** Header for string value; string bytes follow the end of this structure | ** Header for string value; string bytes follow the end of this structure | ||||||
| */ | */ | ||||||
| typedef union TString { | typedef struct TString { | ||||||
|  |   union { | ||||||
|     L_Umaxalign dummy;  /* ensures maximum alignment for strings */ |     L_Umaxalign dummy;  /* ensures maximum alignment for strings */ | ||||||
|     struct { |     struct { | ||||||
|       CommonHeader; |       CommonHeader; | ||||||
| @ -412,11 +413,13 @@ typedef union TString { | |||||||
|       unsigned int hash; |       unsigned int hash; | ||||||
|       size_t len;  /* number of characters in string */ |       size_t len;  /* number of characters in string */ | ||||||
|     } tsv; |     } tsv; | ||||||
|  |   }; | ||||||
|  |   char contents[]; | ||||||
| } TString; | } TString; | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| /* get the actual string (array of bytes) from a TString */ | /* get the actual string (array of bytes) from a TString */ | ||||||
| #define getstr(ts)	cast(const char *, (ts) + 1) | #define getstr(ts)	((ts)->contents) | ||||||
| 
 | 
 | ||||||
| /* get the actual string (array of bytes) from a Lua value */ | /* get the actual string (array of bytes) from a Lua value */ | ||||||
| #define svalue(o)       getstr(rawtsvalue(o)) | #define svalue(o)       getstr(rawtsvalue(o)) | ||||||
|  | |||||||
| @ -185,7 +185,7 @@ struct lua_State { | |||||||
| */ | */ | ||||||
| union GCObject { | union GCObject { | ||||||
|   GCheader gch;  /* common header */ |   GCheader gch;  /* common header */ | ||||||
|   union TString ts; |   struct TString ts; | ||||||
|   union Udata u; |   union Udata u; | ||||||
|   union Closure cl; |   union Closure cl; | ||||||
|   struct Table h; |   struct Table h; | ||||||
|  | |||||||
| @ -103,7 +103,7 @@ static TString *createstrobj (lua_State *L, const char *str, size_t l, | |||||||
|   ts->tsv.len = l; |   ts->tsv.len = l; | ||||||
|   ts->tsv.hash = h; |   ts->tsv.hash = h; | ||||||
|   ts->tsv.extra = 0; |   ts->tsv.extra = 0; | ||||||
|   sbuf = (char *)(TString *)(ts + 1); |   sbuf = ts->contents; | ||||||
|   memcpy(sbuf, str, l*sizeof(char)); |   memcpy(sbuf, str, l*sizeof(char)); | ||||||
|   sbuf[l] = '\0';  /* ending 0 */ |   sbuf[l] = '\0';  /* ending 0 */ | ||||||
|   return ts; |   return ts; | ||||||
|  | |||||||
| @ -12,7 +12,7 @@ | |||||||
| #include "lstate.h" | #include "lstate.h" | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| #define sizestring(s)	(sizeof(union TString)+((s)->len+1)*sizeof(char)) | #define sizestring(s)	(sizeof(struct TString)+((s)->len+1)*sizeof(char)) | ||||||
| 
 | 
 | ||||||
| #define sizeudata(u)	(sizeof(union Udata)+(u)->len) | #define sizeudata(u)	(sizeof(union Udata)+(u)->len) | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Rob Norris
						Rob Norris