[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lpeg error handling
- From: Luiz Henrique de Figueiredo <lhf@...>
- Date: Wed, 22 Apr 2009 07:06:57 -0300
> On Wed, Apr 22, 2009 at 9:40 AM, Ico <lua@zevv.nl> wrote:
> > these files can come from untrusted sources, and I'd like to create a
> > more robust solution to avoid problems caused by unexpected input like
> > neverending loops.
>
> To get a really tough sandbox, use Luiz' token filtering patch and
> filter out all dangerous keywords (or simply detect them as errors).
If there's only one top-level group then you can add "return " before loading
the file to force that only expressions are accepted. To avoid infinite loops
due to recursive function calls on anonymous functions, just raise errors when
"function" appears the token stream. This is most easily done in C.
