Omnimaga: The Coders Of Tomorrow
Welcome, Guest. Please login or register.
 
Omnimaga: The Coders Of Tomorrow
21 May, 2013, 14:47:15 *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
   home   news downloads projects tutorials misc forums rules new posts irc about Login Register  
+-OmnomIRC

You must Register, be logged in and have at least 40 posts to use this shout-box! If it still doesn't show up afterward, it might be that OmnomIRC is disabled for your group or under maintenance.

Note: You can also use an IRC client like mIRC, X-Chat or Mibbit to connect to an EFnet server and #omnimaga.

Pages: 1 2 [3]   Go Down
  Print  
Author Topic: Would Ndless 3.0 be possible through Lua? -  (Read 4374 times) Bookmark and Share
0 Members and 1 Guest are viewing this topic.
JosJuice
LV9 Veteran (Next: 1337)
*********
Offline Offline

Last Login: Yesterday at 22:03:20
Date Registered: 24 September, 2010, 16:46:12
Location: Sweden
Posts: 1300


Total Post Ratings: +51

View Profile
« Reply #30 on: 13 June, 2011, 17:02:51 »
0
Quote from: jimbauwens on 13 June, 2011, 16:52:56
@JosJuice, here is what I think what happens:
He modifies the string containing the utf-8 characters using string.sub( (or something else). Since this is intented for ascii, it modifies the wrong bytes which results in the weird characters. He needs to use string.usub to edit it as utf-8.
Ah, now I understand. So string.sub( attempts to modify a single byte of a multi-byte character?
Logged
Jim Bauwens
Lua! Nspire! Linux!
Editor
LV10 31337 u53r (Next: 2000)
*
Offline Offline

Gender: Male
Last Login: Today at 00:39:35
Date Registered: 28 February, 2011, 22:32:12
Location: Belgium
Posts: 1733


Total Post Ratings: +180

View Profile WWW
« Reply #31 on: 13 June, 2011, 17:09:54 »
0
Yup, thats what happens.
Also, when you check the length of string with a utf character it will probably be bigger than the amount of chars in the string. For example, the string "E" is supposedly 3 chars long. And that is why TI added custom routines such as uchar and usub.
Logged


TI-Nspire projects of me:
nCreator | PCspire | Klondike Lua | LogoMagic | EEPro for the TI-Nspire | Pegs | General math definitions
NecroBumpist
LV4 Regular (Next: 200)
****
Offline Offline

Gender: Male
Last Login: 04 November, 2012, 07:02:18
Date Registered: 18 August, 2011, 05:44:50
Location: In my IDE, programming shit
Posts: 129


Total Post Ratings: +9

View Profile
« Reply #32 on: 20 August, 2011, 23:23:33 »
0
Quote from: Lionel Debroux on 18 April, 2011, 12:31:50
Kofler is not the first person to think of the bugs listed on the Lua bug page Wink

* the first bug involves precompiled code - but third-party Lua TNS documents are plain text, so we can't feed malformed precompiled code into TI's stripped interpreter through that means;

This is entirely viable.
string.dump() returns the precompiled version of a function (as does luac.exe), which you can then execute with loadstring()

I know several of these precompiled attacks, one of the more promising being that when you call a function, you can retrieve the values it placed on the stack. Yesterday I briefly tested this attack on the D2Editor.new(), but all I found was a __gc() metamethod, which ended up crashing my calculator.
But, there are many C functions in the NSpire's API, and it's possible one of them could be of some use.
Once I finish an update for one of my projects, I'll go back to testing this method more thoroughly.

If I find something, should I just PM it to ExtendeD? Though I'm not even sure I would know what's useful and what isn't...
Logged
Developing Lua scripts for the NSpire ?
Check out the Necrotorium
Need a few routines to run faster ? Checkout the MODS Lua Assembly Toolkit.
Need to save space for your scripts ? Checkout LuaSrcDiet
Lionel Debroux
LV10 31337 u53r (Next: 2000)
**********
Offline Offline

Gender: Male
Last Login: Today at 07:35:20
Date Registered: 17 December, 2009, 09:37:25
Location: France
Posts: 1853

Total Post Ratings: +208

View Profile WWW
« Reply #33 on: 21 August, 2011, 07:14:55 »
0
Quote
This is entirely viable.
string.dump() returns the precompiled version of a function (as does luac.exe), which you can then execute with loadstring()
I wrote the part you quoted pretty early on, less than two weeks after the advent of OS 3.0.1.1573. I don't think that anyone had used loadstring() yet Smiley
But it would be good news.

Quote
If I find something, should I just PM it to ExtendeD?
You wouldn't want to post it in public indeed.
Logged
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TILP and TIEmu.
Co-admin of TI-Planet.
Pages: 1 2 [3]   Go Up
  Print  
 
Jump to:  

Powered by EzPortal
Powered by MySQL Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Powered by PHP
Page created in 0.288 seconds with 30 queries.
Skin by DJ Omnimaga edited from SMF default theme with the help of tr1p1ea.
All programs, games and songs avaliable on this website are property of their respective owners.
Best viewed in Opera, Firefox, Chrome and Safari with a resolution of 1024x768 or above.