lua-users home
lua-l archive


On Fri, Apr 20, 2012 at 8:40 PM, Roberto Ierusalimschy
<roberto@inf.puc-rio.br> wrote:
> Many thanks for the report. A quick fix would be to filter out those
> values in lua_getlocal; maybe a better (but more extensive) fix would be
> to avoid putting prototypes in the stack in the first place.

For what it's worth, I'd lean toward the extensive fix; due to
load()'s callback, malicious bytecode can grab the prototype whilst
avoiding lua_getlocal's hypothetical filter. Albeit you may have
bigger problems if malicious bytecode is flying around, but it would
mean one less path to exploitation.