Re: Features for the facilitation of sandbox construction

  • From: Philipp Kutin <philipp.kutin@xxxxxxxxx>
  • To: luajit@xxxxxxxxxxxxx
  • Date: Sat, 4 Aug 2012 13:35:17 +0200

>   What's wrong with declaring two structures, the public one for user code:
> (...)
>   The trusted code can cast any walltype variables to walltype_i variables
> (or a pair of functions to safely convert one to the other). Or am I missing
> something?

Something like this would be great, but I don't see how it's possible
with the FFI API. There's ffi.cast, but it's described as working only
for scalars, and indeed, LuaJIT complains when I try to feed it the
example I posted:

o ="struct { const int i; }", 1)
ou=ffi.cast("struct { int i; }", o)
stdin:1: bad argument #1 to 'cast' (invalid C type)

Just to motivate the proposed feature a little more, here's another
example. In our C code, there's an array like

struct actor_t {
    int32_t x, y, z;
    // ...
    int32_t some_member;
} actor[MAXSPRITES];

The actors are identified by their index in the actor[] aray, but
there's no way to get an actor's index from an actor_t struct pointer
*ap (other than ap-actor, which is impossible from the FFI, as far as
I can tell). How would one write "actor methods" like

setmetatype("actor_t", { __index = { do_stuff=function(a)
a.some_member=42; end } } )

if 'some_member' had to be restricted? Currently, I think the only way
would be a C function taking an actor_t pointer, and exposing that one
to the FFI.

So what I'm looking for is something very minimal and unobtrusive that
would let me write these things in LuaJIT directly. I would be willing
to invest time toward its implementation, but unfortunately my
knowledge in all things JIT is very limited (I skimmed the Tracemonkey

> It was thus said that the Great Philipp Kutin once stated:
I like your email client :D.


Other related posts: