[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Lua 5.4.4 Sandbox Escaping & Type confusion caused by the absence of type check
- From: Andrew Gierth <andrew@...>
- Date: Tue, 26 Oct 2021 03:18:20 +0100
[CC'ing back to the list]
>>>>> "woosun" == woosun Kang <email@example.com> writes:
woosun> Thanks for your reply.
woosun> In fact, I have seen reports of crashes using the debug
woosun> function in CVE-2020-15945. So I must have misunderstood that
woosun> Lua was getting reports of crashes with debug functions. I’m
That CVE refers to a case where one of the debug functions did have a
real bug, and would crash in some circumstances even when used in a way
that ought to have been safe.
The difference in the case you reported is that the debug functions you
used all did exactly what they were supposed to do, it's just that you
used them to alter the interpreter state in an unsafe manner.