RE: The security of function load

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: RE: The security of function load
From: Yongheng Chen <changochen1@...>
Date: 2020年9月23日 17:14:56 -0400

So if the load function causes memory corruption, it is not considered as bugs?

Best,

Yongheng Chen

From: Rena
Sent: Wednesday, September 23, 2020 5:11 PM
To: Lua mailing list
Subject: Re: The security of function load

On Wed, Sep 23, 2020 at 4:24 PM Yongheng Chen <changochen1@gmail.com> wrote:

> The function load accepts a binary chunk as argument. I wonder if is it memory-safe against malformed binary chunks? I couldn’t find related materials about it.

> Best,

> Yongheng Chen

It is not. Previous efforts to harden it against such attacks proved

more work than it was worth. You can prevent loading binary chunks

entirely, but in general you must trust the code being loaded.

Sent from my Game Boy.

Follow-Ups:
- Re: The security of function load, 云风 Cloud Wu
- Re: The security of function load, Gé Weijers

References:
- The security of function load, Yongheng Chen
- Re: The security of function load, Rena

Prev by Date: Re: The security of function load
Next by Date: Re: The security of function load
Previous by thread: Re: The security of function load
Next by thread: Re: The security of function load
Index(es):
- Date
- Thread