- Subject: Re: String tainting
- From: "Dirk Feytons" <dirk.feytons@...>
- Date: Mon, 11 Feb 2008 12:00:37 +0100
On Feb 8, 2008 5:39 PM, Luis Carvalho <firstname.lastname@example.org> wrote:
Nice! This should be a good starting point; thanks.
A few remarks:
- Your __concat function doesn't make the new string tainted if one of
its parts is tainted. Easy to fix though.
- Some extra code is needed to get the tainted strings (well, string
objects) to work together with the standard string library functions.
- Maybe I'll reimplement it in C (completely or partially) to avoid
the use of the unofficial newproxy(). By the way, maybe a note could
be added to the reference manual for lua_newuserdata() that a size of
0 is valid?
- I think the biggest disadvantage of this approach is that tainted
strings are userdata while pretending on the outside that they are
still primitive strings. This could lead to unwanted behavior in code
that does type checking or uses functions that don't use tostring().
In my case I can probably live with it though.
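
The points raised in this message (taint propagation through `__concat`, cooperation with the string library, and the type-checking caveat) shown as an added example that is not code from the thread. It assumes plain tables in place of the `newproxy()` userdata, and the names `taint`, `is_tainted`, `raw`, `pack` and `lift` are hypothetical.

```lua
-- Added example. Tables stand in for the newproxy() userdata in the thread.
local unpack = table.unpack or unpack        -- Lua 5.1 and 5.2+ compatible
local Tainted = {}

local function is_tainted(v) return getmetatable(v) == Tainted end
local function taint(s) return setmetatable({ value = tostring(s) }, Tainted) end
local function raw(v) return is_tainted(v) and v.value or tostring(v) end

Tainted.__tostring = function(t) return t.value end
-- Fires when either operand is tainted, so the result is always tainted.
Tainted.__concat = function(a, b) return taint(raw(a) .. raw(b)) end

local function pack(...) return { n = select("#", ...), ... } end

-- Wrap a string-library function: unwrap tainted arguments, call it, and
-- re-taint every string result if any argument was tainted.
local function lift(f)
  return function(...)
    local args, dirty = pack(...), false
    for i = 1, args.n do
      if is_tainted(args[i]) then
        dirty = true
        args[i] = args[i].value
      end
    end
    local out = pack(f(unpack(args, 1, args.n)))
    for i = 1, out.n do
      if dirty and type(out[i]) == "string" then out[i] = taint(out[i]) end
    end
    return unpack(out, 1, out.n)
  end
end

local upper = lift(string.upper)
local user = taint("value-from-request")     -- constructed sample input
local msg = "name=" .. user .. ";"

assert(is_tainted(msg))                 -- taint survives concatenation
assert(tostring(msg) == "name=value-from-request;")
assert(is_tainted(upper(user)))         -- and a lifted library call
assert(not is_tainted(upper("safe")))   -- clean input stays a plain string
assert(type(msg) == "table")            -- not "string": the type-check caveat
assert(not pcall(string.upper, msg))    -- unlifted library call rejects it
print("ok")
```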