lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Thu, Mar 27, 2008 at 7:40 AM, Luiz Henrique de Figueiredo
<lhf@tecgraf.puc-rio.br> wrote:
> > loadstring() can be abused to create a boolean that is neither
>  > true nor false.
>
>  Thanks for the report! But that's a different issue. The chunk runs
>  fine; it just does not do anything sensible. Making sure that chunks are
>  sensible is unsolvable... As long as they do not crash the host.

Really? Depending on a boolean being true or false strikes me as the
sort of thing that authors of security-needing modules will do without
thinking about it, and then crashes (or worse) DO occur. Either this
behavior is part of the language standard, and should be exhaustively
documented as to its implications, or it's not, and shouldn't be
allowed. Allowing programmers to do hackish things through bytecode
which the language itself doesn't allow strikes me as all sorts of a
bad thing.

Ben