lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Justin Cormack <justin <at>> writes:
> It is not hard to wrap bounds testing around an ffi structure

This misses the point: once FFI is loaded, memory safety is gone.
Any malicious or buggy code that is loaded could buffer overflow.
If a memory-safe FFI subset existed, you could allow it to be
loaded (but not FFI) and get some of FFI's benefits without giving
up memory safety.

Also, I'm pretty sure that the bounds-checking would be a lot
faster if it were directly supported, rather than implemented in