Overview

File CVE-2024-46981.patch of Package redis.36949

From ca0a9ab822dcd6d6ec6e2b6dd3a7d7b0dd8fc912 Mon Sep 17 00:00:00 2001
From: YaacovHazan <yaacov.hazan@redis.com>
Date: Sun, 22 Dec 2024 10:48:27 +0200
Subject: [PATCH] Fix LUA garbage collector (CVE-2024-46981)

Reset GC state before closing the lua VM to prevent user data
to be wrongly freed while still might be used on destructor callbacks.
---
 src/scripting.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/scripting.c b/src/scripting.c
index 9b926e8d05a..656d4dd1612 100644
--- a/src/scripting.c
+++ b/src/scripting.c
@@ -1467,6 +1467,7 @@ void scriptingRelease(int async) {
     else
         dictRelease(server.lua_scripts);
     server.lua_scripts_mem = 0;
+    lua_gc(server.lua, LUA_GCCOLLECT, 0);
     lua_close(server.lua);
 }
openSUSE Build Service is sponsored by
Places