Re: Bytecode: Safe or not? / luac manual

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Bytecode: Safe or not? / luac manual
From: Sean Conner <sean@...>
Date: Tue, 1 Nov 2011 16:09:53 -0400

It was thus said that the Great Stefan Reich once stated:
> 
> That is easily possible with many VMs. For example, a C64 emulator can
> in all likelihood not be crashed by bad C64 code. It just doesn't work
> that way as 6510 assembly instructions are easy to control. (Only
> controlled halting of the VM is possible.)
> 
> Also, I once wrote a VM for an assembly language with only one
> instruction. That was also very easily verifiable bytecode.
> 
> Also, Java has a bytecode verifier that, AFAIK, has no known vulnerabilities.

  I don't know, doing a search for "java bytecode verifier vulnerability"
certain brought up a ton of results.  Granted, the results appear to be
several years old, but from a quick scan through the results, it appears
that Java bytecode verification wasn't quite as trivial as you make it
sound.

  -spc (Even if you carefully verify all the opcodes, you are still
	vulnerable to a "return-to-libc" style attack)

Follow-Ups:
- Re: Bytecode: Safe or not? / luac manual, Peter Cawley
- Re: Bytecode: Safe or not? / luac manual, David Given

References:
- Re: Bytecode: Safe or not? / luac manual, Stefan Reich
- Re: Bytecode: Safe or not? / luac manual, Rob Kendrick
- Re: Bytecode: Safe or not? / luac manual, Stefan Reich

Prev by Date: Re: Bytecode: Safe or not? / luac manual
Next by Date: Re: Bytecode: Safe or not? / luac manual
Previous by thread: Re: Bytecode: Safe or not? / luac manual
Next by thread: Re: Bytecode: Safe or not? / luac manual
Index(es):
- Date
- Thread