- protect column, columns and pinfo from dereferencing invalid data saved by the user.

- columns live for less than a packet's time, use ep_alloc not g_malloc - tvbranges are ephemeral too doc/ is to remain as a placeholder for upcoming docs. lualib/ is to be deleted (if needed it should go in trunk) but it appears that once I added if I do not check it in I cannot delete it. svn path=/trunk/; revision=17305
author: Luis Ontanon <luis.ontanon@gmail.com> 2006-02-15 01:21:51 +0000
committer: Luis Ontanon <luis.ontanon@gmail.com> 2006-02-15 01:21:51 +0000
commit: 86ea89f2aa52f4db6bbfa814ea19b83041c3fc26 (patch)
tree: c211a20493885692837957c8237b053fbb4f4136 /plugins/lua
parent: 844ec9f7a114fde01a05a24c7d1c6e653613f2ce (diff)
5 files changed, 62 insertions, 42 deletions
diff --git a/plugins/lua/lua_pinfo.c b/plugins/lua/lua_pinfo.c
index 5d33d89907..5601bd82b2 100644
--- a/plugins/lua/lua_pinfo.c
+++ b/plugins/lua/lua_pinfo.c
@@ -30,11 +30,36 @@
 #include <epan/addr_resolv.h>
 #include <string.h>
 
-LUA_CLASS_DEFINE(Column,COLUMN,NOP)
-LUA_CLASS_DEFINE(Columns,COLUMNS,NOP)
-LUA_CLASS_DEFINE(Pinfo,PINFO,if (! *p) luaL_error(L,"null pinfo"))
+LUA_CLASS_DEFINE(Column,COLUMN,if (! *p) luaL_error(L,"expired column"))
+LUA_CLASS_DEFINE(Columns,COLUMNS,if (! *p) luaL_error(L,"expired columns"))
+LUA_CLASS_DEFINE(Pinfo,PINFO,if (! *p) luaL_error(L,"expired pinfo"))
 LUA_CLASS_DEFINE(Address,ADDRESS,NOP)
 
+
+/*
+ * NULLify lua userdata to avoid crashing when trying to
+ * access saved copies of invalid stuff.
+ *
+ * see comment on lua_tvb.c
+ */
+
+static GPtrArray* outstanding_stuff = NULL;
+
+void clear_outstanding_pinfos(void) {
+    while (outstanding_stuff->len) {
+        void** p = (void**)g_ptr_array_remove_index_fast(outstanding_stuff,0);
+        *p = NULL;
+    }
+}
+
+void push_Pinfo(lua_State* L, Pinfo pinfo) {
+    void** p = (void**)pushPinfo(L,pinfo);
+    g_ptr_array_add(outstanding_stuff,p);
+}
+
+#define PUSH_COLUMN(L,c) g_ptr_array_add(outstanding_stuff,pushColumn(L,c))
+#define PUSH_COLUMNS(L,c) g_ptr_array_add(outstanding_stuff,pushColumns(L,c))
+
 static int Address_ip(lua_State* L) {
     Address addr = g_malloc(sizeof(address));
     guint32* ip_addr = g_malloc(sizeof(guint32));
@@ -372,14 +397,13 @@ static int Column_tostring(lua_State *L) {
     const gchar* name;
     
     if (!(c)) {
-        luaL_error(L,"Bad column");
         return 0;
-    } else {
-        /* TODO: format the column */
-        name = col_id_to_name(c->col);
-        lua_pushstring(L,name ? name : "Unknown Column");
     }
     
+    /* XXX: can we format the column? */
+    name = col_id_to_name(c->col);
+    lua_pushstring(L,name ? name : "Unknown Column");
+    
     return 1;
 }
 
@@ -429,13 +453,6 @@ static int Column_preppend(lua_State *L) {
     return 0;
 }
 
-static int Column_gc(lua_State *L) {
-    Column c = checkColumn(L,1);
-    if (!c) return 0;
-    g_free(c);
-    return 0;
-}
-
 static const luaL_reg Column_methods[] = {
     {"clear", Column_clear },
     {"set", Column_set },
@@ -446,7 +463,6 @@ static const luaL_reg Column_methods[] = {
 
 
 static const luaL_reg Column_meta[] = {
-    {"__gc", Column_gc },
     {"__tostring", Column_tostring },
     {0,0}
 };
@@ -508,11 +524,11 @@ static int Columns_index(lua_State *L) {
     const char* colname = luaL_checkstring(L,2);
 
     if (!cols) {
-        Column c = g_malloc(sizeof(struct _eth_col_info));
+        Column c = ep_alloc(sizeof(struct _eth_col_info));
         c->cinfo = NULL;
         c->col = col_name_to_id(colname);
         
-        pushColumn(L,c);
+        PUSH_COLUMN(L,c);
         return 1;
     }
     
@@ -522,11 +538,11 @@ static int Columns_index(lua_State *L) {
 
     for(cn = colnames; cn->name; cn++) {
         if( g_str_equal(cn->name,colname) ) {
-            Column c = g_malloc(sizeof(struct _eth_col_info));
+            Column c = ep_alloc(sizeof(struct _eth_col_info));
             c->cinfo = cols;
             c->col = col_name_to_id(colname);
 
-            pushColumn(L,c);
+            PUSH_COLUMN(L,c);
             return 1;
         }
     }
@@ -628,10 +644,10 @@ static int Pinfo_columns(lua_State *L) {
     const gchar* colname = luaL_optstring(L,2,NULL);
 
     if (!colname) {
-        pushColumns(L,pinfo->cinfo);
+        PUSH_COLUMNS(L,pinfo->cinfo);
     } else {
         lua_settop(L,0);
-        pushColumns(L,pinfo->cinfo);
+        PUSH_COLUMNS(L,pinfo->cinfo);
         lua_pushstring(L,colname);
         return Columns_index(L);
     }
@@ -810,6 +826,8 @@ int Pinfo_register(lua_State* L) {
     luaL_newmetatable(L, PINFO);
     luaL_openlib(L, NULL, Pinfo_meta, 0);
 
+    outstanding_stuff = g_ptr_array_new();
+    
     return 1;
 }
 
diff --git a/plugins/lua/lua_tap.c b/plugins/lua/lua_tap.c
index 8bdd3894fb..24b7e5de30 100644
--- a/plugins/lua/lua_tap.c
+++ b/plugins/lua/lua_tap.c
@@ -210,7 +210,11 @@ struct _eth_tap {
 
 int tap_packet_cb_error_handler(lua_State* L) {
     const gchar* error =  lua_tostring(L,1);
+    
+    /* XXX: UGLY! this can flood the user with windows to close! */  
+    
     report_failure("Lua: Error During execution of Tap Packet Callback:\n %s",error);
+    
     return 0;    
 }
 
@@ -218,14 +222,16 @@ int tap_packet_cb_error_handler(lua_State* L) {
 int lua_tap_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_ , const void *data _U_) {
     Tap tap = tapdata;
     int retval = 0;
-    
+
     if (tap->packet_ref == LUA_NOREF) return 0;
 
     lua_settop(tap->L,0);
     
     lua_pushcfunction(tap->L,tap_packet_cb_error_handler);
     lua_rawgeti(tap->L, LUA_REGISTRYINDEX, tap->packet_ref);
-    pushPinfo(tap->L, pinfo);
+    
+    push_Pinfo(tap->L, pinfo);
+    
     lua_rawgeti(tap->L, LUA_REGISTRYINDEX, tap->data_ref);
     
     switch ( lua_pcall(tap->L,2,1,1) ) {
@@ -248,6 +254,8 @@ int lua_tap_packet(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_ ,
             break;
     }
     
+    clear_outstanding_pinfos();
+    
     return retval;
 }
 
diff --git a/plugins/lua/lua_tvb.c b/plugins/lua/lua_tvb.c
index 79fad7046b..e96129bda4 100644
--- a/plugins/lua/lua_tvb.c
+++ b/plugins/lua/lua_tvb.c
@@ -290,26 +290,20 @@ int ByteArray_register(lua_State* L) {
 LUA_CLASS_DEFINE(Tvb,TVB,if (! *p) luaL_error(L,"expired tvb"))
 LUA_CLASS_DEFINE(TvbRange,TVB_RANGE,if (! *p) luaL_error(L,"expired tvbrange"))
 
-GPtrArray* allocated_tvbs = NULL;
-GPtrArray* allocated_tvbrs = NULL;
+static GPtrArray* outstanding_stuff = NULL;
 
-#define PUSH_TVB(L,t) g_ptr_array_add(allocated_tvbs,pushTvb(L,t))
-#define PUSH_TVBRANGE(L,t) g_ptr_array_add(allocated_tvbs,pushTvbRange(L,t))
+#define PUSH_TVB(L,t) g_ptr_array_add(outstanding_stuff,pushTvb(L,t))
+#define PUSH_TVBRANGE(L,t) g_ptr_array_add(outstanding_stuff,pushTvbRange(L,t))
 
 void clear_outstanding_tvbs(void) {
-    while (allocated_tvbrs->len) {
-        Tvb* p = (Tvb*)g_ptr_array_remove_index_fast(allocated_tvbs,0);
+    while (outstanding_stuff->len) {
+        void** p = (void**)g_ptr_array_remove_index_fast(outstanding_stuff,0);
         *p = NULL;
     }
-    while (allocated_tvbrs->len) {
-        TvbRange* p = (TvbRange*)g_ptr_array_remove_index_fast(allocated_tvbrs,0);
-        if (p) g_free(*p);
-        *p = NULL;
-    }
-    
 }
 
 
+
 /*
  * Tvb_new_real(bytearray,name)
  *  Creates a new Tvb from a bytearray (adds it to the frame too)
@@ -412,9 +406,6 @@ static const luaL_reg Tvb_meta[] = {
 };
 
 int Tvb_register(lua_State* L) {
-
-    allocated_tvbs = g_ptr_array_new();
-
     luaL_openlib(L, TVB, Tvb_methods, 0);
     luaL_newmetatable(L, TVB);
     luaL_openlib(L, 0, Tvb_meta, 0);
@@ -448,7 +439,7 @@ TvbRange new_TvbRange(lua_State* L, tvbuff_t* tvb, int offset, int len) {
         return NULL;
     }
     
-    tvbr = g_malloc(sizeof(struct _eth_tvbrange));
+    tvbr = ep_alloc(sizeof(struct _eth_tvbrange));
     tvbr->tvb = tvb;
     tvbr->offset = offset;
     tvbr->len = len;
@@ -732,7 +723,7 @@ static const luaL_reg TvbRange_meta[] = {
 
 int TvbRange_register(lua_State* L) {
     
-    allocated_tvbrs = g_ptr_array_new();
+    outstanding_stuff = g_ptr_array_new();
     
     luaL_openlib(L, TVB_RANGE, TvbRange_methods, 0);
     luaL_newmetatable(L, TVB_RANGE);
diff --git a/plugins/lua/packet-lua.c b/plugins/lua/packet-lua.c
index c4084840f1..3332be53e3 100644
--- a/plugins/lua/packet-lua.c
+++ b/plugins/lua/packet-lua.c
@@ -155,7 +155,7 @@ void dissect_lua(tvbuff_t* tvb, packet_info* pinfo, proto_tree* tree) {
     if (lua_isfunction(L,1)) {
         
         pushTvb(L,tvb);
-        pushPinfo(L,pinfo);
+        push_Pinfo(L,pinfo);
         pushProtoTree(L,tree);
         
         if  ( lua_pcall(L,3,0,0) ) {
@@ -172,6 +172,7 @@ void dissect_lua(tvbuff_t* tvb, packet_info* pinfo, proto_tree* tree) {
     }
     
     clear_outstanding_tvbs();
+    clear_outstanding_pinfos();
     
     lua_pinfo = NULL;
     lua_tree = NULL;
diff --git a/plugins/lua/packet-lua.h b/plugins/lua/packet-lua.h
index 3e14c8140f..0dccf7d639 100644
--- a/plugins/lua/packet-lua.h
+++ b/plugins/lua/packet-lua.h
@@ -256,5 +256,7 @@ extern GString* lua_register_all_taps(void);
 extern void lua_prime_all_fields(proto_tree* tree);
 extern void lua_register_subtrees(void);
 extern void clear_outstanding_tvbs(void);
+extern void push_Pinfo(lua_State* L, Pinfo p);
+extern void clear_outstanding_pinfos(void);
 
 #endif
author	Luis Ontanon <luis.ontanon@gmail.com>	2006-02-15 01:21:51 +0000
committer	Luis Ontanon <luis.ontanon@gmail.com>	2006-02-15 01:21:51 +0000
commit	86ea89f2aa52f4db6bbfa814ea19b83041c3fc26 (patch)
tree	c211a20493885692837957c8237b053fbb4f4136 /plugins/lua
parent	844ec9f7a114fde01a05a24c7d1c6e653613f2ce (diff)