[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Bytecode abuse in Lua 5.2 (-work4)
- From: Matthew Wild <mwild1@...>
- Date: Sun, 22 Aug 2010 17:16:14 +0100
On 22 August 2010 14:25, HyperHacker <hyperhacker@gmail.com> wrote:
>
> Why compile-time? Hide the real load() in a table that the script
> never has access to, and provide your own load() that rejects any
> string beginning with string.char(0x27). There you go.
>
> (Obviously don't ACTUALLY use string.char(0x27) in the function, but
> rather its precomputed result, lest the script simply redefine char.)
>
Exactly one reason to have it compile-time, so that people don't make
the same fatal mistake you just did ;)
Escape (and the first char of binary chunks) is "\027", not 0x27.
Matthew
- References:
- Bytecode abuse in Lua 5.2 (-work4), Peter Cawley
- Re: Bytecode abuse in Lua 5.2 (-work4), Majic
- Re: Bytecode abuse in Lua 5.2 (-work4), Martin Guy
- Re: Bytecode abuse in Lua 5.2 (-work4), Joshua Jensen
- Re: Bytecode abuse in Lua 5.2 (-work4), Jonathan Castello
- Re: Bytecode abuse in Lua 5.2 (-work4), Joshua Jensen
- Re: Bytecode abuse in Lua 5.2 (-work4), Martin Guy
- Re: Bytecode abuse in Lua 5.2 (-work4), KHMan
- Re: Bytecode abuse in Lua 5.2 (-work4), HyperHacker
- Re: Bytecode abuse in Lua 5.2 (-work4), KHMan
- Re: Bytecode abuse in Lua 5.2 (-work4), Stuart P. Bentley
- Re: Bytecode abuse in Lua 5.2 (-work4), HyperHacker
