lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]



On December 13, 2018 10:10:40 PM UTC, Rena <hyperhacker@gmail.com> wrote:
>On Thu, Dec 13, 2018, 16:32 David Favro <lua@meta-dynamic.com wrote:
>
>> 
>> On December 13, 2018 9:01:52 PM UTC, Egor Skriptunoff 
>> <egor.skriptunoff@gmail.com> wrote: 
>>> IMO, it's not a good idea.
>>> If this limit is N, then minimal size of non-quotable string is
>about
>>> 0.5*N^2
>
>> What's a "non-quotable string"?
>> Am I missing something or can't any string be represented as a
>literal 
>> with e.g. double-quote (") as delimiter and appropriate escaping of 
>> special characters? If so, I don't see your definition of 
>> "non-quotable", could you elaborate?
>
>
>A string that starts with `[====[`, assuming the limit of `=` in a 
>delimiter were 4.

Oh my goodness, I must have flunked English class, my point seems to be completely lost.  I know of the existence of long string literals and immediately saw that imposing a limit on the number of '=' would mean that certain (nonsensical, as Roberto pointed out) strings would have to be expressed as a different form of literal.

Given that as I pointed out in my first message, *any* string (including your example, even if n was 0) can be represented as a quoted Lua literal, why would we call it a "non-quotable string" (which, perhaps I'm daft but to me means there there exists no Lua string literal which represents this string).

The reason I tried to make that point is that Egor said (without specifying why or how) that vulnerabilities would be possible if a "non-quotable string" exists.  It seems to me that if this is at all conceivable, it most likely would be so if someone mistakenly thought that the inability to be expressed as a long string literal meant inability to be expressed as a string literal whatsoever.  I just wanted Egor to acknowledge that these "non-quotable strings" can be represented as quoted string literals and explain, with that in mind, how such a vulnerability would work.

Apparently I expressed myself poorly, so since my point clearly is lost, let's abandon it, please!  Perhaps all of us besides Egor could stop speculating what he meant, and he can just tell us, why would existence of a string unable to be expressed as a long string literal (I think we all know what I mean by that term) pose a potential vulnerability?