 |
lua-l archive |
|
|
||
|
On 13/12/2018 17.14, Roberto Ierusalimschy wrote:
Instead of using a larger type to count 'sep', it seems easier to just limit the maximum number of '=' in a long bracket. I don't think people will mind a limit of 1000.
[semi-ignoring the other part of the thread b/c it's confusing]I think something like 0x2000_0000 (or 0x2000 in case 16-bit ints are a thing) is better, because generated code is something people do.
A simple way to include any piece of textual data in a generated Lua script is to put it in a long string. (You don't have "%q" outside of Lua.) The simplest way to do that is to count the largest sequence of ='s in it and add one more in the separator.
While it's already fairly unlikely to hit a limit of 1000, in case it _does_ get hit, the code suddenly breaks, and you'll need a more complex solution. Therefore, using the largest safe, "round" (easy to spot as magic) number reduces the potential for future work at ≈zero extra cost. (And with 0x2000_0000, I think anything that hits _that_ limit can safely be disregarded as malicious.)