BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var()

As raised by Coverity in GH #2223, f034139bc0 ("MINOR: lua: Allow reading
"proc." scoped vars from LUA core.") causes uninitialized reads due to
smp being passed to vars_get_by_name() without being initialized first.

Indeed, vars_get_by_name() tries to read smp->sess and smp->strm pointers.
As we're only interested in the PROC var scope, it is safe to call
vars_get_by_name() with sess and strm pointers set to NULL, thus we
simply memset smp prior to calling vars_get_by_name() to fix the issue.

This should be backported in 2.9 with f034139bc0.

diff --git a/src/hlua.c b/src/hlua.c
index 008f6726fc622744342bf69d59082f8def1c5658..8f6f988667b58a9e67eefa286fc22600a8d7890e 100644 (file)
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -2026,6 +2026,7 @@ static int hlua_set_map(lua_State *L)
        if (len < 5 || strncmp(name, "proc.", 5) != 0)
                WILL_LJMP(luaL_error(L, "'get_var': Only 'proc.' scope allowed to be retrieved in 'core.get_var()'."));
 
+       memset(&smp, 0, sizeof(smp));
        if (!vars_get_by_name(name, len, &smp, NULL)) {
                lua_pushnil(L);
                return 1;