From: Aurelien DARRAGON <adarragon@haproxy.com>
Date: Mon, 4 Mar 2024 10:25:47 +0000 (+0100)
Subject: BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
X-Git-Tag: v3.0-dev5~33
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d81c2205a30cad57fa4e38a019417b85e097a5c8;p=thirdparty%2Fhaproxy.git

BUG/MINOR: hlua: improper lock usage in hlua_filter_new()

In hlua_filter_new(), after each hlua resume, we systematically try to
empty the stack by calling lua_settop(). However we're doing this without
locking the lua context, so it is unsafe in multithreading context if the
script is loaded using 'lua-load'. To fix the issue, we protect the call
with hlua_{lock,unlock}() helpers.

This should be backported up to 2.6.
---

diff --git a/src/hlua.c b/src/hlua.c
index 1b86e91992..2339711a38 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -11956,8 +11956,11 @@ static int hlua_filter_new(struct stream *s, struct filter *filter)
 	}
 
   end:
-	if (s->hlua)
+	if (s->hlua) {
+		hlua_lock(s->hlua);
 		lua_settop(s->hlua->T, 0);
+		hlua_unlock(s->hlua);
+	}
 	if (ret <= 0) {
 		if (flt_ctx) {
 			hlua_ctx_destroy(flt_ctx->hlua[0]);