lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


> If my 'library' failed to do proper bounds checking and had the potential for buffer overruns (for example)
> when exposed to a network, would calling said library from Lua protect me?

First of all, the problem is not due to C language but too the library itself ... and the problem is the same if you call it from any language.
I mean, as long as you call this library API, the "upper" language has strictly no way to prevent buffer overrun or such : the controle is totaly on the hands of the library developper.
You may reduce the risk by checking arguments before API calls (but it's true to whatever language), but unsecure library will remain unsecure.