lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Sat, Jun 5, 2010 at 8:43 AM, HyperHacker <> wrote:
> Anything using loadstring is going to introduce security issues if
> someone manages to break out of your string.

True. This reverse_q() works well if you *know* its input was
generated by string.format("%q"), but probably doesn't do what the
user wants in other cases, for example:

reverse_q([[\\" .. os.exit() --]])

(Of course, such a string can never be generated by string.format("%q", ...).)