Coda Highland wrote: > Fixed the 5.2-ism: > > $ lua > Lua 5.1.5 Copyright (C) 1994-2012 Lua.org, PUC-Rio > > s = loadstring"load(s)" > > load(s) > > Here, it just hangs instead of crashing. I'm guessing PUC-Rio Lua is > handling the stack differently, but it's still a DoS from untrusted > code. Lua 5.2 and 5.3 don't hang. Though, they don't report any error. > And thinking about it this way reveals the issue: This isn't a bug, or > at least, it's not a bug you can do anything about without making Mr. > Turing very upset. > > Let's walk through it: > > The first line, s = loadstring"load(s)", is equivalent to: > > function s() > load(s) > end > > (And note that it still crashes if you define it this way instead of > using loadstring.) > > The second line, load(s), uses the function s as a reader that's > supposed to return incremental parts of the input file. However, s > just calls load(s)... which calls s... which calls load(s)... > > You're just overflowing the stack with infinite recursion. Does Lua have any checks that trigger before the C stack overflows? Or is it one of few corner cases that should be avoided by a programmer? Alex