Re: String tainting

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: String tainting
From: "Dirk Feytons" <dirk.feytons@...>
Date: Mon, 11 Feb 2008 12:00:37 +0100

On Feb 8, 2008 5:39 PM, Luis Carvalho <carvalho@dam.brown.edu> wrote:
[ ...]

Nice! This should be a good starting point; thanks.

A few remarks:
- Your __concat function doesn't make the new string tainted if one of
its parts is tainted. Easy to fix though.
- Some extra code is needed to get the tainted strings (well, string
objects) work together with the standard string library functions.
- Maybe I'll reimplement it in C (completely or partially) to avoid
the use of the unofficial newproxy(). By the way, maybe a note could
be added to the reference manual for lua_newuserdata() that a size of
0 is valid?
- I think the biggest disadvantage of this approach is that tainted
strings are userdata while pretending on the outside that they are
still primitive strings. This could lead to unwanted behavior in code
that does type checking or uses functions that don't use tostring().
In my case I can probably live with it though.

-- 
Dirk

References:
- String tainting, Dirk Feytons
- Re: String tainting, Stefan Sandberg
- Re: String tainting, Dirk Feytons
- Re: String tainting, Luiz Henrique de Figueiredo
- Re: String tainting, Dirk Feytons
- Re: String tainting, Luis Carvalho
- Re: String tainting, Luis Carvalho

Prev by Date: Re: Bug with unchecked stack overflow with coroutines
Next by Date: Re: Bug with unchecked stack overflow with coroutines
Previous by thread: Re: String tainting
Next by thread: RE: String tainting
Index(es):
- Date
- Thread