lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On Wed, Jun 11, 2014 at 6:26 PM, Sean Conner <> wrote:
>   How can you escape from a sandbox using OP_FORLOOP?

In 5.1, OP_FORLOOP can be used to get the address of a Lua string.
This information leakage can be combined with other VM flaws to escape
from a sandbox, as described at