[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lua exposure to C vulnerabilities?
- From: Tim Hume <tim@...>
- Date: Mon, 19 Sep 2016 08:52:40 +1000 (AEST)
So, like, an io.open with a very large filename could allow arbitrary code
execution? O_o
Don't know about io.open, ... but the original poster said it was his own
C library he was interfacing. So who knows what could happen inside the C
library when the code is run from a Lua program, or anything else for that
matter? The solution is to fix the root cause of the problem.
Cheers,
Tim.
