Re: Malicious Lua 5.1 bytecode in the real world

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

• Subject: Re: Malicious Lua 5.1 bytecode in the real world
• From: Peter Cawley <lua@...>
• Date: 2013年9月16日 18:05:33 +0100

---

On Mon, Sep 16, 2013 at 5:36 AM, Tim Hill <drtimhill@gmail.com> wrote:
> Presumably the root problem here is the call to luaL_dofile(), which implicitly allows bytecode as well as text loading.
Indeed, the lua_load family in 5.1 implicitly allow bytecode loading,
and you need to inspect the first byte of your input if you wish to
disable it. At least in 5.2 most of the lua_load family accept a mode
parameter which make it easier to disable bytecode loading.

---

• References:
  • Malicious Lua 5.1 bytecode in the real world, Peter Cawley
  • Re: Malicious Lua 5.1 bytecode in the real world, Tim Hill

• Prev by Date: [ANN] lua5.1.js v0.9.1
• Next by Date: Re: Why Lua is not more popular
• Previous by thread: Re: Malicious Lua 5.1 bytecode in the real world
• Next by thread: [ANN] lua-libmemcached, simple Lua binding for libmemcached
• Index(es):
  • Date
  • Thread