lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

It was thus said that the Great Peter Cawley once stated:
> On Tue, Nov 1, 2011 at 8:09 PM, Sean Conner <> wrote:
> > Even if you carefully verify all the opcodes, you are still
> > vulnerable to a "return-to-libc" style attack.
> And what exactly is the Lua equivalent to return-to-libc?

  I haven't bothered to study the Lua VM opcodes, so I can't say.  But the
"return-to-libc" attack is (in my opinion) an incredible "out of the box"
style thinking to executing arbitrary code.

  -spc (And it doesn't have to be exactly "return-to-libc", just a way of
	constructing a call-return stack to execute code that might
	otherwise be rejected ... )