lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


It was thus said that the Great Viacheslav Usov once stated:
> 
> Yet, I think, this change did not fully address the problem and the
> built-in IO library may still be vulnerable. What is even worse, many
> other libs out there might suffer from the same problem and the
> awareness in the community is probably low, because the issue is not
> addressed in the manual, nor in the Programming in Lua books.

  You also wrote [1]:

> I believe this (and the below) is a problem because Lua code should not be
> able to make C libraries leak resources.

  So several years ago, a program I wrote for work would, in certain
circumstances, not release a (at the time) strong reference to some value,
so over time, the long running server would "leak" memory.  Was Lua at
fault?  Or my code?  The Lua code was able to make C libraries
(specifically, malloc()) leak resources.

  Why is that different than what's "wrong" with Lua now?

  Perhaps I'm unwise in following "play stupid games, win stupid prizes"
(i.e. trusting a programmer to not nil out __gc metamethods) but I really
have to wonder how much of an issue this really is.  Do you have actual code
this breaks?  Or is this more of a "hypothetical, someone might, possibly,
break some code I wrote" type of issue?  (and am I asking for trouble for
asking for an actual example?  Am I stupid for not thinking this is an
issue?  Should every Lua module written in C do the same as Lua's io
library?)

  -spc (Perhaps I'm dumb for trusting programmers ... )

[1]	http://lua-users.org/lists/lua-l/2019-06/msg00578.html