[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: __gc visible to lua code...
- From: Michael Broughton <mbobowik@...>
- Date: Fri, 30 Mar 2007 10:35:22 -0600
I don't think that would work.
One way you can prevent the __gc metamethod from being called is to
create an __index metamethod that filters out private indices. Of
course, that would not prevent any C code from calling your finalizer.
Overall, I think this solution is too complicated and it will slow down
your whole module.
I think it is best to just keep track of the state of your userdata and
any associated resources. For example: if your userdata is a struct, add
a field to mark when it is finalized. If your userdata is a boxed
pointer, make sure you nullify the pointer when you are done with it.
You could also use each userdata's environment table to do something
similar. With each of these solutions you need to make sure you check
the state of the userdata before you use it (duh).
Mike
Kristofer Karlsson wrote:
Wouldn't a sufficient solution be to set the __metatable field of the
userdata metatable to "access denied" or something similar. That way
you can ensure that your untrusted lua code can't have access to the
__gc metamethod. Assuming of course that you don't expose the
metatable or the __gc metamethod some other way.
