>>>>> "Tom" == Tom Sutcliffe <tomsci@me.com> writes:
Tom> I've tracked this down to the fact that the test - not the
Tom> production code :) - was relying on the tostring representation of
Tom> a full userdata 0xABCD being the same as the lightuserdata
Tom> representation of the same pointer - they were both "userdata:
Tom> 0x1234" on 5.3
er... no?
In 5.3, the tostring representation of something that's not a number,
string, boolean or nil and which has no __tostring metamethod is:
lua_pushfstring(L, "%s: %p", kind, lua_topointer(L, idx));
where "kind" is the value of the __name metafield if it exists and is a
string, and is the luaL_typename of the original value otherwise.
While we are on this subject, giving Lua scripts access to the pointer address to something in memory is a needless footstool to breaking out of a sandbox and potentially taking over an application. It'd be more secure if Lua assigned an instance counter to userdata and printed that. A new __instance metamethod could complement the __name one to allow customizing.
[One challenge is a light userdata has no instance other than the pointer. Maybe just don't print an instance string or hash the pointer with a random number.]
- Patrick
