[Tarantool-patches] [PATCH luajit] test: adapt tests checking loading bytecode files
Maxim Kokryashkin
m.kokryashkin at tarantool.org
Thu Feb 17 11:57:43 MSK 2022
Hello!
Thanks for the review!
New commit message:
=========================================================
test: adapt tests checking loading bytecode files
Loading bytecode with an extra header (BOM or "#") is disabled
for security reasons since LuaJIT-2.0.0-beta10.
For more information see comment for `lj_lex_setup()` in <src/lj_lex.c>.
Also see commit 53a285c0c3544ff5dea7c67b741c3c2d06d22b47 ('Disable
loading bytecode with an extra header (BOM or #!).').
Tests are adapted to LuaJIT behavior.
Resolves tarantool/tarantool#5691
Part of tarantool/tarantool#5870
=========================================================
New CI branch:
https://github.com/tarantool/tarantool/tree/fckxorg/gh-5691-adapt-bytecode-PUC-Rio-full-ci
--
Best regards,
Maxim Kokryashkin
>Среда, 16 февраля 2022, 15:47 +03:00 от Igor Munkin <imun at tarantool.org>:
>
>Sergey,
>
>On 12.10.21, Sergey Kaplun wrote:
>> Hi!
>>
>> Thanks for the fixes!
>>
>> On 11.10.21, Максим Корякшин wrote:
>
><snipped>
>
>> > >> --- FIXME: Loading bytecode with an extra header (BOM or "#")
>> > >> +-- Loading bytecode with an extra header (BOM or "#")
>> > >> -- is disabled for security reasons since LuaJIT-2.0.0-beta10.
>> > >> -- For more information see comment for `lj_lex_setup()`
>> > >> -- in <src/lj_lex.c>.
>> > >> -- Also see commit 53a285c0c3544ff5dea7c67b741c3c2d06d22b47
>> > >> -- (Disable loading bytecode with an extra header (BOM or #!).).
>> > >> -- See also https://github.com/tarantool/tarantool/issues/5691 .
>> > >> --- The test is disabled for LuaJIT.
>> > >> -prepfile("#comment with a binary file\n"..string.dump(loadstring("print(1)")))
>> > >> --- RUN("lua %s > %s", prog, out)
>> > >> --- checkout("1\n")
>> > >> -
>> > >> -prepfile("#comment with a binary file\r\n"..string.dump(loadstring("print(1)")))
>> > >> --- FIXME: Behavior is different for LuaJIT. See the comment above.
>> > >> --- The test is disabled for LuaJIT.
>> > >> --- RUN("lua %s > %s", prog, out)
>> > >> --- checkout("1\n")
>> > >> +-- The test is adapted to LuaJIT behavior.
>> > >> +prepfile(string.dump(loadstring("print(1)")))
>> > >> +RUN("lua %s > %s", prog, out)
>> > >> +checkout("1\n")
>> > >
>> > >May be it is better to test `NoRun()` for 1 binary file with a comment at the
>> > >first string and `Run()` for another binary file without the comment.
>>
>> What are your thoughts about this idea?
>
>What are you going to check with this? To check whether unsafe bytecode
>loading is still disabled?
>
>>
>
><snipped>
>
>> --
>> Best regards,
>> Sergey Kaplun
>
>--
>Best regards,
>IM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.tarantool.org/pipermail/tarantool-patches/attachments/20220217/16f4a3cc/attachment.htm>
More information about the Tarantool-patches
mailing list