Re: Using Lua for config files

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Using Lua for config files
From: Enrico Colombini <erix@...>
Date: Thu, 19 Dec 2013 09:34:21 +0100

On 19/12/2013 2.59, Luiz Henrique de Figueiredo wrote:

But unfortunately one can still write anonymous functions
and then write full-blown Lua programs inside them:

{
	malice = (function () while true do end end)()
}

Now if you can patch your Lua lexer to avoid the keyword "function", then
you're ok. One simple way is to change "function" to "function " (note the
space). You can also clear the "reserved" flag for the string "function"
just before loading the config file.

Without patching the lexer, at a small performance cost, the programcould just raise an error if the script contains the string "function".Unless the script is compiled, in which case the check would have to bedone at bytecode level.


(or am I missing something?)

--
  Enrico

Follow-Ups:
- Re: Using Lua for config files, Enrico Colombini

References:
- Using Lua for config files, Rena
- Re: Using Lua for config files, Luiz Henrique de Figueiredo

Prev by Date: This question may be not appropriate here.
Next by Date: Re: Using Lua for config files
Previous by thread: Re: Using Lua for config files
Next by thread: Re: Using Lua for config files
Index(es):
- Date
- Thread