- Subject: Re: Specially crafted binary chunks can cause Lua to crash
- From: David Given <dg@...>
- Date: Tue, 25 Mar 2008 16:37:33 +0000
Peter Cawley wrote:
The bug is in ldebug.c's symbexec function again, but exploits the
fact that LOADBOOL with C != 0 isn't checked to see if it jumps over
an extended SETLIST, rather than yesterday's extended SETLIST as the
Has anyone ever tried running an infinite-monkeys test on Lua bytecode?
That is, continuously generate garbage input, submit it to the loader,
and log cases where it fails erroneously? Infinite-monkey tests are
quite easy to write and surprisingly good at picking up validation errors.
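
A minimal form of the infinite-monkeys loop described above, as an added example that is not part of the original message. It mutates a seed chunk rather than emitting pure noise (so inputs get past the signature check), runs the loader in a child process on a POSIX system, and records the inputs that kill or hang it. `STAND_IN_LOADER` is a constructed toy loader; pointing the loop at a real build with a command such as `luac -p` is an assumption about the local setup.

```python
import random
import subprocess
import sys
import tempfile

# Constructed stand-in for the loader under test: it rejects a bad signature
# cleanly, but aborts on one header byte it fails to validate.
# Against a real build this would be e.g. ["luac", "-p"] (assumed to be on PATH).
STAND_IN_LOADER = [sys.executable, "-c",
    "import os,sys; d=open(sys.argv[1],'rb').read()\n"
    "if d[:4]!=b'\\x1bLua': sys.exit(1)\n"
    "if len(d)>4 and d[4]>0x7f: os.abort()"]

def mutate(seed, rng, max_flips=4):
    """Return a copy of seed with one to max_flips random bytes overwritten."""
    data = bytearray(seed)
    for _ in range(rng.randint(1, max_flips)):
        data[rng.randrange(len(data))] = rng.randrange(256)
    return bytes(data)

def run_case(loader_cmd, data, timeout=5.0):
    """Feed one input to the loader in a child process and classify the outcome."""
    with tempfile.NamedTemporaryFile(suffix=".luac") as f:
        f.write(data)
        f.flush()
        try:
            proc = subprocess.run(loader_cmd + [f.name], timeout=timeout,
                                  stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL)
        except subprocess.TimeoutExpired:
            return "hang"
    if proc.returncode < 0:  # POSIX: child was killed by a signal (SIGSEGV, SIGABRT, ...)
        return "crash"
    return "accepted" if proc.returncode == 0 else "rejected"

def monkey_test(loader_cmd, seed, iterations, rng_seed=0):
    """Run the loop; return (outcome, input) pairs that crashed or hung the loader."""
    rng = random.Random(rng_seed)  # fixed seed so any failure can be reproduced
    failures = []
    for _ in range(iterations):
        data = mutate(seed, rng)
        outcome = run_case(loader_cmd, data)
        if outcome in ("crash", "hang"):
            failures.append((outcome, data))
    return failures

if __name__ == "__main__":
    seed_chunk = b"\x1bLua\x51" + bytes(7)  # constructed seed, not a real chunk
    for outcome, data in monkey_test(STAND_IN_LOADER, seed_chunk, 50):
        print(outcome, data.hex())
```

A clean "rejected" is the expected result for garbage; only "crash" and "hang" indicate a validation gap worth logging.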