From: Marvin W <git@larma.de>
Date: Mon, 16 Nov 2020 19:55:14 +0000 (+0100)
Subject: auth: db-lua - Fix invalid stack empty check
X-Git-Tag: 2.3.14.rc1~208
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2c57a92661b004b8e375f95c1bda0bbddac4395f;p=thirdparty%2Fdovecot%2Fcore.git

auth: db-lua - Fix invalid stack empty check

3e11b97 introduced assertions to ensure the lua stack is empty after
execution.  In auth_lua_call_password_verify() this check was inserted
*before* popping the error message from the stack, ultimately causing the
assertion to fail every time the lua script has a runtime error, leading to
process crashing.
---

diff --git a/src/auth/db-lua.c b/src/auth/db-lua.c
index 2ce28884a1..afc3cc21e1 100644
--- a/src/auth/db-lua.c
+++ b/src/auth/db-lua.c
@@ -627,8 +627,8 @@ auth_lua_call_password_verify(struct dlua_script *script,
 		*error_r = t_strdup_printf("db-lua: %s(req, password) failed: %s",
 					   AUTH_LUA_PASSWORD_VERIFY,
 					   lua_tostring(script->L, -1));
-		i_assert(lua_gettop(script->L) == 0);
 		lua_pop(script->L, 1);
+		i_assert(lua_gettop(script->L) == 0);
 		return PASSDB_RESULT_INTERNAL_FAILURE;
 	} else if (!lua_isnumber(script->L, -2)) {
 		*error_r = t_strdup_printf("db-lua: %s invalid return value "