[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: RE: PATCH: Add Type Checking in op_bitwiseK
- From: Tatsuhiro Aoshima <tatsuhiro.aoshima.md@...>
- Date: Mon, 26 Apr 2021 11:09:08 +0900
Thank you for your reply.
I understood how the developers think this inconsistent and unclear implementation.
。:+* ゜ ゜゜ *+:。:+* ゜ ゜゜ *+:。:+* ゜ ゜゜ *+:。
Tatsuhiro Aoshima
NTT Secure Platform Laboratories
Phone: +81 422 59 3261 [JPN: (0422) 59 3261]
-----Original Message-----
From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
Sent: Friday, April 23, 2021 10:42 PM
To: Lua mailing list <lua-l@lists.lua.org>
Subject: Re: PATCH: Add Type Checking in op_bitwiseK
> Already, op_arithK checks both operands because it calls op_arith_aux.
> Hence, I proposed op_bitwiseK should check also.
>
> I wonder how the developers think this inconsistent and unclear implementation.
There is nothing inconsistent here. Arithmetic operations are one beast, bitwise operations are another, with a different set of
rules.
It makes sense, and it is useful, to write both ≪a + 1≫ and a + ≪1.0≫, with different behaviors. It is not useful, and it is
actually bad taste, to write ≪a | 0.0≫.
> I think some attacks in the future may use this code in order to leak
> some pointers as integers, as exploiting another bugs.
Binary code is already untrusted in Lua. There are several other attack points (too many to be worth covering, in our view) once one
can suppy arbitrary binary code to the interpreter. If one day we re-introduce a static checker for binary code, this particular
check is one that is quite easy to implement offline.
-- Roberto
