From 510c1070bfd07eb1884a89b00f2a19f540d01eca Mon Sep 17 00:00:00 2001
From: npt-1707
Date: Fri, 25 Apr 2025 02:28:33 +0800
Subject: [PATCH] Fix potential vulnerable cloned functions: Security: update Lua struct package for security.
---
 src/redis/lua/struct/lua_struct.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/redis/lua/struct/lua_struct.c b/src/redis/lua/struct/lua_struct.c
index e8fb83996..2e44c0a52 100644
--- a/src/redis/lua/struct/lua_struct.c
+++ b/src/redis/lua/struct/lua_struct.c
@@ -82,14 +82,12 @@ typedef struct Header {
 } Header;
-static int getnum (lua_State *L, const char **fmt, int df) {
+static int getnum (const char **fmt, int df) {
 if (!isdigit(**fmt)) /* no number? */
 return df; /* return default value */
 else {
 int a = 0;
 do {
- if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0')))
- luaL_error(L, "integral size overflow");
 a = a*10 + *((*fmt)++) - '0';
 } while (isdigit(**fmt));
 return a;
@@ -110,9 +108,9 @@ static size_t optsize (lua_State *L, char opt, const char **fmt) {
 case 'f': return sizeof(float);
 case 'd': return sizeof(double);
 case 'x': return 1;
- case 'c': return getnum(L, fmt, 1);
+ case 'c': return getnum(fmt, 1);
 case 'i': case 'I': {
- int sz = getnum(L, fmt, sizeof(int));
+ int sz = getnum(fmt, sizeof(int));
 if (sz > MAXINTSIZE)
 luaL_error(L, "integral size %d is larger than limit of %d",
 sz, MAXINTSIZE);
@@ -145,7 +143,7 @@ static void controloptions (lua_State *L, int opt, const char **fmt,
 case '>': h->endian = BIG; return;
 case '<': h->endian = LITTLE; return;
 case '!': {
- int a = getnum(L, fmt, MAXALIGN);
+ int a = getnum(fmt, MAXALIGN);
 if (!isp2(a))
 luaL_error(L, "alignment %d is not a power of 2", a);
 h->align = a;
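Review bot: The new `getnum` no longer bounds the digit accumulation, so `a = a*10 + *((*fmt)++) - '0';` can overflow a signed `int` (undefined behaviour) when the format string carries a long run of digits. The commit title describes a security update, but this hunk removes the guard rather than adding one. The check should stay, which means keeping the `lua_State *L` parameter: `if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0')))` followed by `luaL_error(L, "integral size overflow");`. The call sites in `optsize` and `controloptions` (the two later hunks) would then keep passing `L`. The closing braces of `getnum` lie outside the hunk.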
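Review bot: `case 'c'` returns the `int` from `getnum` directly as the `size_t` result of `optsize`, so a negative value from the now-unchecked accumulation would convert to a very large size. The `'i'`/`'I'` branch tests only the upper bound, which a negative `sz` also passes. A defensive lower bound such as `if (sz < 0 || sz > MAXINTSIZE)`, plus an equivalent negative check before the `case 'c'` return, would keep `optsize` safe independently of `getnum`. The rest of `optsize` is outside the hunk, so how callers use the returned size cannot be confirmed from here.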