[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Crash Analysis: Finalizer Logic in singlestep function can lead to Sandbox Escape Exploit
- From: Roberto Ierusalimschy <roberto@...>
- Date: Fri, 10 Dec 2021 06:36:51 -0300
> My reply was about Roberto's suggestion to "forbid any GC operation while
> running
> a finalizer"
> If GC inside a finalizer is disabled, then simple operation "t.x=1" might
> raise OOM.
Did anyone in this discussion bother to see how Lua is today? Run
the following program in any version of Lua since 5.2:
setmetatable({}, {__gc = function ()
for i = 1, 1e8 do
if i % 1e6 == 0 then
print(collectgarbage("count") * 1024)
end
local a = {}
end
end})
collectgarbage()
print("ok")
-- Roberto
