X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f
X-Recipient: geda-user AT delorie DOT com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=3eeyE14bCynuVaetfP/13C4FbJbbqm9UiN3cHVfF2KE=;
        b=PADTB/69a72aer/q9NapA3IUtP4jhv9ELzuH7X7f/uYdaHkBwLSqQ75yyHBNrJKJjL
         X1zYHKBl5keXDz4ohENC+7aqecjgfz0LDfmzc58fOIYruIuFu3/4WB5nXvhC94mOE5Q9
         GH7TCiCHL/rCl2u2Bv6iuoLvcEzuDJ+63cdbX4NBXoTuL/Swq6kEJPkOu7LEN25ocUxi
         mwrok6yQXskYJ6JgFGX/ytBRdUibr4KpltJC/gbRUeTwmHuN0w2kEkxWHdvOZFd9Vvuu
         +yPAH498quXAEf3ovEcoiKYtdWY+BPG8aObnTJrvCS3jvi/JgLDa3U73luTdKmCi15zJ
         RR3g==
MIME-Version: 1.0
X-Received: by 10.202.222.132 with SMTP id v126mr2890724oig.103.1423240168519;
 Fri, 06 Feb 2015 08:29:28 -0800 (PST)
In-Reply-To: <7C1A5871-3056-482C-BC58-173D90D80F77@icloud.com>
References: <1420499386 DOT 3521 DOT 3 DOT camel AT cam DOT ac DOT uk>
	<20150202152654 DOT GA13336 AT cuci DOT nl>
	<54CFD589 DOT 9040702 AT xs4all DOT nl>
	<CAHBYzfRkn-nJb4JfrDYyaD0WwPrpZvAgi0QdHCusgz185iNoHA AT mail DOT gmail DOT com>
	<CAGde_xN-iNZUvHh-E47kx1EyoPRt1018wWiDwHhYQ9+od+cJwA AT mail DOT gmail DOT com>
	<20150203112631 DOT 3507a0c1 AT Parasomnia DOT thuis DOT lan>
	<20150204054256 DOT Horde DOT Pm1JV8RJbICk9SHvIGwZ7A3 AT webmail DOT in-berlin DOT de>
	<CAOP4iL2stWVCy3WK0=SNu2zAbs8t6B0uyAgFuOnzG8v_MrYNfw AT mail DOT gmail DOT com>
	<CAGde_xN5gs5r_on=HP2RN7cy6E=2EL9eK3cp+sd9BfBaWNLVew AT mail DOT gmail DOT com>
	<20150204193720 DOT Horde DOT 42xUN-NzhCJRWZne-M5eCQ1 AT webmail DOT in-berlin DOT de>
	<90236728-E79D-47C7-BFB1-34140DB85ACB AT sbcglobal DOT net>
	<CAOFvGD4M48Ap=UQzL_T3yzas2rJrNFfxXRUOkOe8gA8J3bQCHg AT mail DOT gmail DOT com>
	<201502042333 DOT t14NX28o024789 AT envy DOT delorie DOT com>
	<7C1A5871-3056-482C-BC58-173D90D80F77 AT icloud DOT com>
Date: Fri, 6 Feb 2015 11:29:28 -0500
Message-ID: <CAOFvGD7vdircWqDYWKrKPY49gpYo4ZGsw20q9yE+4+gno3ZkhA@mail.gmail.com>
Subject: Re: [geda-user] FOSDEM
From: Jason White <whitewaterssoftwareinfo AT gmail DOT com>
To: geda-user AT delorie DOT com
Content-Type: text/plain; charset=UTF-8
Reply-To: geda-user AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: geda-user AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

For those who have not seen, I implemented an example program in C
using Lua to safely read data defined in Lua files. I added to
protected mode to the interpreter which disables the instructions in
the Lua virtual machine which are not associated with defining
(storing) variables. So if you put something other than a variable
definition in the file, (for instance a loop or a function call) the
interpreter will just skip over it producing a warning in the console.
This makes it safe to use as a parser for data files since it disables
its ability to run it as a program; all it becomes capable of doing is
pushing strings and numbers to the stack.

See the thread "Using Lua to safely read configuration and layout
files (program attached)" for a more elaborate description of the
possibilities afforded by this.


For those who wish to personally test the security of this concept,
here is the link for my demonstration program:
https://drive.google.com/file/d/0BwP0qhqyaTIIVHl3UzcwSGFabGM/view?usp=sharing

Type "./configure" then "make" to build it.
Type "cd ./src" then "./example" to run it.

-- 
Jason White