Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Userdata is unsafe #115

Closed
tomaka opened this issue Dec 27, 2016 · 1 comment
Closed

Userdata is unsafe #115

tomaka opened this issue Dec 27, 2016 · 1 comment
Labels
bug

Comments

@tomaka
Copy link
Owner

tomaka commented Dec 27, 2016

Right now hlua checks type safety by writing the TypeId of the userdata in the index __typeid of its metatable.
However this could be easily modified by the library user or even maybe by a Lua script.

Of course it would be very stupid for a user to modify the value in __typeid. If all actors cooperate, then there's no unsafety. But safety is all or nothing. If for example you write a Lua REPL with hlua and take user input, then there is a security leak here.
@tomaka tomaka added the bug label Jan 3, 2017
@tomaka
Copy link
Owner Author

tomaka commented Jan 3, 2017

One solution would be to never push a T alone, but always a (TypeId, T) instead.
Hlua's API would transparently add or remove the TypeId whenever you push or load a userdata.

Since reading a userdata expects a TypeId, this idea can only work if the user has no way of writing a userdata without that TypeId.

@tomaka tomaka mentioned this issue Jan 3, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tomaka