Re: Lua 5.0 Alpha and api_incr

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Lua 5.0 Alpha and api_incr_top
From: Björn De Meyer <bjorn.demeyer@...>
Date: Wed, 18 Sep 2002 18:40:55 +0200

Joshua Jensen wrote:
> That's all well and good, but it now requires me to know the size of the
> stack the incoming Lua script uses, so I won't crash the application.
/snip

I had not yet noticed this problem, but I basically agree 
with Joshua Jensen here.  From the C side it's almost impossible 
to predict what the required stack size should be on 
many different occasions. Yes, we could check the stack 
ourselves every other time, but that is really a pain. 
It may be more performant or consistent not to perform stack 
checking, but it is by no means safe nor secure. 

Lua allows you to make a safe sandbox for external scripts by  
allowing you to make certain functions unavailable. If, however, 
the scripts can crash the program by performing some deep recursive 
operations, then they will be able to crash the Lua application,
leading to possible DOS problems. The sandbox has become a sand sieve. 

As a compromise, the autogrowing stack would be a feature that could be 
turned on and off. Off for performance, on (by default) for security. 
Or maybe a C callback function that is called whenever the stack is 
in risk of overflowing. 

-- 
"No one knows true heroes, for they speak not of their greatness." -- 
Daniel Remar.
Björn De Meyer 
bjorn.demeyer@pandora.be

Follow-Ups:
- Re: Lua 5.0 Alpha and api_incr_top, Roberto Ierusalimschy

References:
- RE: Lua 5.0 Alpha and api_incr_top, Joshua Jensen

Prev by Date: Obtaining pointer to a C++ object
Next by Date: Re: Obtaining pointer to a C++ object
Previous by thread: RE: Lua 5.0 Alpha and api_incr_top
Next by thread: Re: Lua 5.0 Alpha and api_incr_top
Index(es):
- Date
- Thread