1 files changed, 41 insertions, 7 deletions
diff --git a/src/openssl.c b/src/openssl.c
index 35ddaf7..504931d 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -682,9 +682,43 @@ static void *loadfield_udata(lua_State *L, int index, const char *k, const char
 } /* loadfield_udata() */
-/* Forward declarations */
+/* Forward declaration */
 static SSL *ssl_push(lua_State *, SSL *);
+/* push an ssl object into lua in a way that is safe from OOM
+ * Lua 5.1 does not support normally returning values from lua_cpcall
+ * to return a value, we instead return it via an error object
+ */
+static int ssl_pushsafe_helper(lua_State *L) {
+        ssl_push(L, lua_touserdata(L, 1));
+#if LUA_VERSION_NUM <= 501
+        return lua_error(L);
+#else
+        return 1;
+#endif
+}
+static int ssl_pushsafe(lua_State *L, SSL *ssl) {
+        int status;
+#if LUA_VERSION_NUM <= 501
+        status = lua_cpcall(L, ssl_pushsafe_helper, ssl);
+        if (status == LUA_ERRRUN)
+                status = LUA_OK;
+        else if (status == LUA_OK)
+                /* this should be impossible */
+                status = LUA_ERRRUN;
+        else
+                lua_pop(L, 1);
+#else
+        lua_pushcfunction(L, ssl_pushsafe_helper);
+        lua_pushlightuserdata(L, ssl);
+        status = lua_pcall(L, 1, 1, 0);
+        if (status != LUA_OK)
+                lua_pop(L, 1);
+#endif
+        return status;
+}
 /*
 * Auxiliary C routines
@@ -8057,12 +8091,12 @@ static int sx_setAlpnSelect_cb(SSL *ssl, const unsigned char **out, unsigned cha
        otop = lua_gettop(L) - n;
-        /* TODO: Install temporary panic handler to catch OOM errors */
        /* pass SSL object as 1st argument */
-        ssl_push(L, ssl);
+        if (ssl_pushsafe(L, ssl))
+                goto fatal;
        lua_insert(L, otop + 3);
+        /* TODO: Install temporary panic handler to catch OOM errors */
        /* pass table of protocol names as 2nd argument */
        pushprotos(L, in, inlen);
        lua_insert(L, otop + 4);
@@ -8149,10 +8183,10 @@ static int sx_setHostnameCallback_cb(SSL *ssl, int *ad, void *_ctx) {
        otop = lua_gettop(L) - n;
-        /* TODO: Install temporary panic handler to catch OOM errors */
        /* pass SSL object as 1st argument */
-        ssl_push(L, ssl);
+        if (ssl_pushsafe(L, ssl))
+                goto done;
        lua_insert(L, otop + 2);
        if (LUA_OK != (status = lua_pcall(L, 1 + (n - 1), 2, 0)))

diff --git a/src/openssl.c b/src/openssl.c index 35ddaf7..504931d 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -682,9 +682,43 @@ static void loadfield_udata(lua_State L, int index, const char *k, const char
682	} /* loadfield_udata() */	682	} /* loadfield_udata() */
683		683
684		684
685	/* Forward declarations */	685	/* Forward declaration */
686	static SSL ssl_push(lua_State , SSL *);	686	static SSL ssl_push(lua_State , SSL *);
687		687
		688	/* push an ssl object into lua in a way that is safe from OOM
		689	* Lua 5.1 does not support normally returning values from lua_cpcall
		690	* to return a value, we instead return it via an error object
		691	*/
		692	static int ssl_pushsafe_helper(lua_State *L) {
		693	ssl_push(L, lua_touserdata(L, 1));
		694	#if LUA_VERSION_NUM <= 501
		695	return lua_error(L);
		696	#else
		697	return 1;
		698	#endif
		699	}
		700
		701	static int ssl_pushsafe(lua_State L, SSL ssl) {
		702	int status;
		703	#if LUA_VERSION_NUM <= 501
		704	status = lua_cpcall(L, ssl_pushsafe_helper, ssl);
		705	if (status == LUA_ERRRUN)
		706	status = LUA_OK;
		707	else if (status == LUA_OK)
		708	/* this should be impossible */
		709	status = LUA_ERRRUN;
		710	else
		711	lua_pop(L, 1);
		712	#else
		713	lua_pushcfunction(L, ssl_pushsafe_helper);
		714	lua_pushlightuserdata(L, ssl);
		715	status = lua_pcall(L, 1, 1, 0);
		716	if (status != LUA_OK)
		717	lua_pop(L, 1);
		718	#endif
		719	return status;
		720	}
		721
688		722
689	/*	723	/*
690	* Auxiliary C routines	724	* Auxiliary C routines
@@ -8057,12 +8091,12 @@ static int sx_setAlpnSelect_cb(SSL ssl, const unsigned char *out, unsigned cha
8057		8091
8058	otop = lua_gettop(L) - n;	8092	otop = lua_gettop(L) - n;
8059		8093
8060	/* TODO: Install temporary panic handler to catch OOM errors */
8061
8062	/* pass SSL object as 1st argument */	8094	/* pass SSL object as 1st argument */
8063	ssl_push(L, ssl);	8095	if (ssl_pushsafe(L, ssl))
		8096	goto fatal;
8064	lua_insert(L, otop + 3);	8097	lua_insert(L, otop + 3);
8065		8098
		8099	/* TODO: Install temporary panic handler to catch OOM errors */
8066	/* pass table of protocol names as 2nd argument */	8100	/* pass table of protocol names as 2nd argument */
8067	pushprotos(L, in, inlen);	8101	pushprotos(L, in, inlen);
8068	lua_insert(L, otop + 4);	8102	lua_insert(L, otop + 4);
@@ -8149,10 +8183,10 @@ static int sx_setHostnameCallback_cb(SSL ssl, int ad, void *_ctx) {
8149		8183
8150	otop = lua_gettop(L) - n;	8184	otop = lua_gettop(L) - n;
8151		8185
8152	/* TODO: Install temporary panic handler to catch OOM errors */
8153
8154	/* pass SSL object as 1st argument */	8186	/* pass SSL object as 1st argument */
8155	ssl_push(L, ssl);	8187	if (ssl_pushsafe(L, ssl))
		8188	goto done;
		8189
8156	lua_insert(L, otop + 2);	8190	lua_insert(L, otop + 2);
8157		8191
8158	if (LUA_OK != (status = lua_pcall(L, 1 + (n - 1), 2, 0)))	8192	if (LUA_OK != (status = lua_pcall(L, 1 + (n - 1), 2, 0)))