lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Er, I don't agree with either of these arguments...

Coda:  I'm creating potentially 1000 userdata objects with associated private userdata for a *small* server.  An extra table on each would be noticeable..

Sean: So... I should get the other person to change their code to avoid the rawlen() to allow for evil users to segfault from within their library?  Personally I don't understand how you would not typecheck with a luaL_checkudata() and not do the responsible rawlen() size check...  That's not defensive programming that's just reasonable. :\

Will pick up Solid Code by Steve M. though :-)


On Mon, Dec 2, 2013 at 6:01 AM, Sean Conner <sean@conman.org> wrote:
It was thus said that the Great Sir Pogsalot once stated:
> I am saying that it is out of my control, as it is done by code I did not
> write.  So the metatable check works but the subsequent rawlen() fails.

  That's what I'm not understanding---the call to lua_rawlen().  To me, it
sounds like a defensive programmer going overboard.  Personally, I don't
believe in defensive programming as it hides bugs [1].  Trust the
programmer; do NOT trust the outside world though.

>  luaL_checkudata() does not prevent a user from causing a segfault if they
> match up your mt with a very small userdata...

  It's not the user that causes that, it's the programmer.

  -spc (Fail fast)

[1]     Writing Solid Code_ by Steve Maguire goes into this in depth.  It
        was one of only two books I've read over the past 25 years that
        fundamentally changed how I write code.