lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Diego Nehab wrote:

On the flip side, when you expose all the primitives, a higher level API can be written in Lua.

 - Peter Odding

I agree.

Damn it, I sent the message before writing the rest. As I said, I agree too.

The only problem is that, according to Lua's philosophy, it
should not be possible to crash an application from Lua. Exposing the bare Win32 API might not be compatible with
this philosophy.


I couldn't agree more, and go to quite a bit of trouble to avoid my own binary modules from crashing on invalid input.

Continuing on high- vs. low-level API advantages: when a module writer decides to expose the primitives I think he/she essentially gives over control to users of the module, and will have to accept the consequences (if you don't validate all input your module can crash and take the Lua interpreter with it).

Last note, if any of you are running Windows, try lua.exe -e "'%e'". Does that crash? Because it does for me, on all >= XP SP2 installations I've tried. This means it's already possible to crash `plain' Lua on Windows, at least the os library, given an invalid (according to Microsoft's CRT) format string. Of course no-one could expect the Lua authors to implement (localized) date formatting independent of the CRT, but this goes to show that input validation is important.

 - Peter Odding

PS. Please don't take the lua.exe -e "'%e'" comment as FUD against Lua!