[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Lua is too big
- From: Peter Cawley <lua@...>
- Date: Wed, 11 Jun 2014 18:52:43 +0100
On Wed, Jun 11, 2014 at 6:26 PM, Sean Conner <email@example.com> wrote:
> How can you escape from a sandbox using OP_FORLOOP?
In 5.1, OP_FORLOOP can be used to get the address of a Lua string.
This information leakage can be combined with other VM flaws to escape
from a sandbox, as described at