[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Preventing Lua scripts that never return from freezing the host application
- From: "Matthew P. Del Buono" <delbu9c1@...>
- Date: Tue, 3 Nov 2009 14:27:30 -0500
Christian Tellefsen wrote:
> Jim Whitehead II wrote:
>>
>> Keep in mind that for certain C functions (like string.find) won't
>> call your debug hook in them, so a user script can still tie up the
>> system in what appears to be an infinite loop, but really is just code
>> that takes a long time to run (all without your hook being called).
>>
>> - Jim
>>
>>
> OK, thanks, I'll keep that in mind, or maybe I'll just remove access to
> that function.
>
That's not really a solution, to be honest. There are other functions
with this problem as well. In addition, there are also things you can't
remove that will result in your hook rarely being called.
A few examples:
string.rep("s", 2^30) -- Removable, but probably a bad idea
-- Problematic if it can loop enough times:
local s = "aaaaaaaaaaaaaaaa";
while true do
s = s .. s;
end
The second is a more severe problem because it's the concatenation that
will take a long time (at later iterations, e.g., around the 5th+). If
your limits are set low enough, this won't be a problem because that
iteration can't be reached. But if your limits aren't low enough, and
those iterations are reachable, you're going to encounter a problem in
that the concatenation operation can take a very long time.
These are just a few examples of what came across various Lua bots that
have been tested for security. Generally the premium solution has been
in one of two forms:
(1) Use ulimit to control CPU usage (not portable)
(2) Use a second thread through a library like lualanes to monitor the
progression of the execution thread, and terminate it after a known time
limit.
Neither of these, however, are Lua-only solutions.
Regards,
======
Matthew P. Del Buono