Re: Userdata/Table Unification

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Userdata/Table Unification
From: Eero Pajarre <epajarre@...>
Date: Mon, 26 Jul 2004 21:09:16 +0300

Mike Pall wrote:

> Ok, setmetatable() does not work on userdata objects. But you can change
> the contents of the metatable itself:
>
> u = any_userdata_constructor()
> getmetatable(u).__gc = nil      -- Ouch!
> u = nil
> collectgarbage()
>
> This will lead to resource depletion in the best case (e.g. lost file
> handles) and to memory corruption in the worst case (there may be
> dangling backreferences to userdata memory).
>
> The current approach is *not* safe unless you deny the sandbox access to
> getmetatable() or use a wrapper. But then you might as well protect
> setmetatable(), too. I think the setmetatable() pseudo-safeguard provides
> a false sense of security.
>

But you can protect the real metatable from user by setting
the __metatable field in it. The protection mechanism
seems ok to me.


        Eero

Follow-Ups:
- Re: Userdata/Table Unification, Mike Pall

References:
- Userdata/Table Unification, Mike Pall
- RE: Userdata/Table Unification, Virgil Smith
- Re: Userdata/Table Unification, Mike Pall

Prev by Date: Re: Sort problem
Next by Date: Re: Sort problem
Previous by thread: Re: Userdata/Table Unification
Next by thread: Re: Userdata/Table Unification
Index(es):
- Date
- Thread