Skip to content

Commit

Permalink
Fix LUA garbage collector (CVE-2024-46981) (#1513)
Browse files Browse the repository at this point in the history 
Reset GC state before closing the lua VM to prevent user data to be
wrongly freed while still might be used on destructor callbacks.

Created and publish by Redis in their OSS branch.

Signed-off-by: Madelyn Olson <[email protected]>
Co-authored-by: YaacovHazan <[email protected]>
  • Loading branch information
@madolson @YaacovHazan @hpatro
2 people authored and hpatro committed Jan 6, 2025
1 parent b98e0aa commit 151d6ce
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/eval.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,7 @@ void scriptingRelease(int async) {
else
dictRelease(lctx.lua_scripts);
lctx.lua_scripts_mem = 0;
lua_gc(lctx.lua, LUA_GCCOLLECT, 0);
lua_close(lctx.lua);
}

Expand Down

0 comments on commit 151d6ce

Please sign in to comment.