Commit dece9f2

readme: add known issues
1 parent 47b4bdd commit dece9f2

1 file changed

+46
-0
lines changed

README.md

Lines changed: 46 additions & 0 deletions
@@ -66,6 +66,52 @@ cd build && RUNS=100000 ctest -R luaL_gsub_test --verbose
6666
- [Lua 5.2 Reference Manual: 4 – The Application Program Interface](https://www.lua.org/manual/5.2/manual.html#4)
6767
- [Lua 5.1 Reference Manual: 3 – The Application Program Interface](https://www.lua.org/manual/5.1/manual.html#3)
6868

69+
### Known Issues
70+
71+
Fuzzing can find a wide variety of problems, but not all problems
72+
are considered bugs. Some problems are due to known limitations in
73+
the implementation. This section contains a list of such
74+
limitations in LuaJIT and PUC Rio Lua:
75+
76+
1. In LuaJIT, the build infrastructure includes a source code that
77+
contains memory leaks and other problems. For example,
78+
`src/host/buildvm.c` and `src/host/minilua.c`, these files are
79+
only used during the LuaJIT build process, and they are not
80+
a part of the LuaJIT itself. Memory leaks are suppressed in
81+
AddressSanitizer with a function `__lsan_is_turned_off()` that
82+
disallows leak checking for the program it is linked into.
83+
1. In LuaJIT a function `lj_str_new()` may read past a buffer end
84+
(so-called "dirty" read) and that's ok. Suppressed in
85+
AddressSanitizer with `__attribute__((no_sanitize_address))`.
86+
1. In LuaJIT, bytecode input is unsafe, see [LuaJIT#847][LuaJIT#847]
87+
and [LuaJIT FAQ][LuaJIT FAQ]. The string "mode" controls
88+
whether the chunk can be text or binary (that is, a precompiled
89+
chunk). It may be the string "b" (only binary chunks),
90+
"t" (only text chunks), or "bt" (both binary and text). The
91+
default is "bt". PUC Rio Lua and LuaJIT both have bytecode and
92+
Lua source code parsers. It is desired to test both
93+
parsers; however, the LuaJIT bytecode parser failed with the
94+
assertion: LuaJIT ASSERT `lj_bcread.c:123: bcread_byte: buffer
95+
read overflow`, so with LuaJIT only text mode is used, and
96+
therefore only the text parser is tested.
97+
1. The `debug` library is defined as unsafe. There are tons of ways
98+
to produce a crash with it. This library provides the functionality
99+
of the debug interface to Lua programs. Several of its functions
100+
violate basic assumptions about Lua code and therefore can
101+
compromise otherwise secure code. See [LuaJIT#1264][LuaJIT#1264]
102+
and [Lua 5.4 Reference Manual][refmanual54]. The `debug`
103+
functions is not a subject of testing and these functions are
104+
used carefully.
105+
1. In LuaJIT there are a number of places with undefined behavior
106+
("nonnull-attribute", "signed-integer-overflow", "bounds").
107+
These problems remain unfixed and suppressed in
108+
UndefinedBehavior Sanitizer.
109+
110+
[LuaJIT#847]: https://github.com/LuaJIT/LuaJIT/issues/847
111+
[LuaJIT#1264]: https://github.com/LuaJIT/LuaJIT/issues/1264
112+
[LuaJIT FAQ]: https://luajit.org/faq.html#sandbox
113+
[refmanual54]: https://www.lua.org/manual/5.4/manual.html#6.10
114+
69115
### License
70116

71117
Copyright (C) 2022-2025 [Sergey Bronnikov](https://bronevichok.ru/),
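Review bot: item 2 states that `lj_str_new()` may read past a buffer end "and that's ok" but never says why, while item 5 lists the UBSan checks being silenced ("nonnull-attribute", "signed-integer-overflow", "bounds") without saying where those suppressions live; both should give a reader enough to audit the suppression. For item 2, add one sentence on why the over-read cannot reach unmapped memory and note that `__attribute__((no_sanitize_address))` is applied only to that function, so the suppression is not mistaken for an unreviewed false negative; for item 5, link the suppression file or build flag that carries the list. Item 3 would also benefit from saying whether the `lj_bcread.c:123: bcread_byte: buffer read overflow` assertion was reported upstream or is expected for arbitrary (non-LuaJIT-produced) bytecode, since as written it is unclear whether text-only mode is a workaround for a harness limitation or for a known loader issue. Wording: "includes a source code that contains" should read "includes source code that contains"; "For example, `src/host/buildvm.c` and `src/host/minilua.c`, these files are" runs two sentences together (use a semicolon or split); "The `debug` functions is not a subject of testing" should read "The `debug` functions are not subject to testing".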
