lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

> Lua allows you to make a safe sandbox for external scripts by  
> allowing you to make certain functions unavailable. If, however, 
> the scripts can crash the program by performing some deep recursive 
> operations, then they will be able to crash the Lua application,
> leading to possible DOS problems. The sandbox has become a sand sieve. 

I think there is a misunderstanding here. The Lua 5.0 stack grows
automatically on demand during recursive calls (unlike Lua 4.0, where
the stack was fixed), and there is a "polite" error in case of stack
overflow. What does not grow automatically is the virtual stack that
each C function sees.

Usually this virtual stack is for temporary values only (function
parameters, function results, and "local" variables). For most C
functions it is quite easy to know in advance how much stack you will
need. Very few tasks demand that you keep pushing new values on the
stack without removing them. For these few tasks, you need to call
lua_checkstack (or more easily luaL_check_stack). See luaB_unpack (in
lbaselib.c) for an example.

Finally, it is worth remembering that Lua 4.0 also does not grow the
stack. The api_incr_top macro only checks the stack size, and raises an
error in case of overflow.

-- Roberto