From de54fc4aa83aa59182286acb6292b889d11d2c52 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Fri, 31 Oct 2025 09:38:55 +0100 Subject: [PATCH] [PATCH] lua: remove luajit pushlstring workaround 81ee6f5aadeb ("lua: push correct length back through ScFlowvarGet, work around valgrind warning") added a workaround for valgrind warnings in pushing a string buffer into the lua state. This is no longer needed as tested with both address sanitizer and valgrind. (cherry picked from commit 52fd61dffdfa50c9a2d4ec24865a54da0b8f0a2a) Origin: upstream, https://github.com/OISF/suricata/commit/a7ff4c9ba53009680c7cd128b16c28d0aeda9886.patch Bug: https://redmine.openinfosecfoundation.org/issues/8065 Subject: Upstream fix for CVE-2025-64344 Gbp-Pq: Name CVE-2025-64344.patch --- src/util-lua.c | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/src/util-lua.c b/src/util-lua.c index 9e65c301..3dd1d315 100644 --- a/src/util-lua.c +++ b/src/util-lua.c @@ -328,22 +328,7 @@ void LuaPrintStack(lua_State *state) { int LuaPushStringBuffer(lua_State *luastate, const uint8_t *input, size_t input_len) { - if (input_len % 4 != 0) { - /* we're using a buffer sized at a multiple of 4 as lua_pushlstring generates - * invalid read errors in valgrind otherwise. Adding in a nul to be sure. - * - * Buffer size = len + 1 (for nul) + whatever makes it a multiple of 4 */ - size_t buflen = input_len + 1 + ((input_len + 1) % 4); - uint8_t buf[buflen]; - memset(buf, 0x00, buflen); - memcpy(buf, input, input_len); - buf[input_len] = '\0'; - - /* return value through luastate, as a luastring */ - lua_pushlstring(luastate, (char *)buf, input_len); - } else { - lua_pushlstring(luastate, (char *)input, input_len); - } + lua_pushlstring(luastate, (char *)input, input_len); return 1; } -- 2.30.2