[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: LuaSocket: No way to protect against fuzzing attacks?
- From: Sam Roberts <vieuxtech@...>
- Date: Tue, 11 Oct 2011 12:46:01 -0700
On Tue, Oct 11, 2011 at 2:47 AM, Dean Sellers <email@example.com> wrote:
> At least this was how the unix side worked, my code will always run on
> an embedded nix device so I didn't delve into the windows source.
Windows is the same.
> So after a bit of testing my algorithm reads byte by byte until a
> message is formed or the length is exceeded. The performance is
> certainly acceptable for a system where 20-100 byte messages are
> delivered at 25Hz.
You might not have noticed that receive() will return a partial result after
But as you say, if you are looking for a specific end byte,
byte-by-byte is reasonable. I did something like this for a serial
link protocol recently, where we needed to scan the input bytes for a
start-byte before starting to read a packet (I extended luasocket to
support serial devices). Also, table.concat or the prefix arg to
:receive() can get you away from the exponential cost of string tail
> In saying this it would be reasonably easy to add a 'return up to n
> bytes' method to luasocket, I just figured for the small performance hit
> I would stay with a more portable solution.
This is easy to write yourself in lua, see :read():
Its particularly useful for transparent proxies, where the code doing
the reading doesn't know what to expect from the network, it just
wants to pass on data as it becomes available. I might add this to my
luasocket fork sometime, unless somebody else provides a patch first.