Author Topic: Would Ndless 3.0 be possible through Lua?  (Read 19822 times)

0 Members and 1 Guest are viewing this topic.

Offline JosJuice

  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1344
  • Rating: +66/-14
    • View Profile
Re: Would Ndless 3.0 be possible through Lua?
« Reply #30 on: June 13, 2011, 11:02:51 am »
@JosJuice, here is what I think what happens:
He modifies the string containing the utf-8 characters using string.sub( (or something else). Since this is intented for ascii, it modifies the wrong bytes which results in the weird characters. He needs to use string.usub to edit it as utf-8.
Ah, now I understand. So string.sub( attempts to modify a single byte of a multi-byte character?

Offline Jim Bauwens

  • Lua! Nspire! Linux!
  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1881
  • Rating: +206/-7
  • Linux!
    • View Profile
    • nothing...
Re: Would Ndless 3.0 be possible through Lua?
« Reply #31 on: June 13, 2011, 11:09:54 am »
Yup, thats what happens.
Also, when you check the length of string with a utf character it will probably be bigger than the amount of chars in the string. For example, the string "E" is supposedly 3 chars long. And that is why TI added custom routines such as uchar and usub.

Offline NecroBumpist

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 130
  • Rating: +14/-5
  • Master of Lua
    • View Profile
Re: Would Ndless 3.0 be possible through Lua?
« Reply #32 on: August 20, 2011, 05:23:33 pm »
Kofler is not the first person to think of the bugs listed on the Lua bug page ;)

* the first bug involves precompiled code - but third-party Lua TNS documents are plain text, so we can't feed malformed precompiled code into TI's stripped interpreter through that means;

This is entirely viable.
string.dump() returns the precompiled version of a function (as does luac.exe), which you can then execute with loadstring()

I know several of these precompiled attacks, one of the more promising being that when you call a function, you can retrieve the values it placed on the stack. Yesterday I briefly tested this attack on the D2Editor.new(), but all I found was a __gc() metamethod, which ended up crashing my calculator.
But, there are many C functions in the NSpire's API, and it's possible one of them could be of some use.
Once I finish an update for one of my projects, I'll go back to testing this method more thoroughly.

If I find something, should I just PM it to ExtendeD? Though I'm not even sure I would know what's useful and what isn't...
Developing Lua scripts for the NSpire ?
Check out the Necrotorium
Need a few routines to run faster ? Checkout the MODS Lua Assembly Toolkit.
Need to save space for your scripts ? Checkout LuaSrcDiet

Offline Lionel Debroux

  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2135
  • Rating: +290/-45
    • View Profile
    • TI-Chess Team
Re: Would Ndless 3.0 be possible through Lua?
« Reply #33 on: August 21, 2011, 01:14:55 am »
Quote
This is entirely viable.
string.dump() returns the precompiled version of a function (as does luac.exe), which you can then execute with loadstring()
I wrote the part you quoted pretty early on, less than two weeks after the advent of OS 3.0.1.1573. I don't think that anyone had used loadstring() yet :)
But it would be good news.

Quote
If I find something, should I just PM it to ExtendeD?
You wouldn't want to post it in public indeed.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TILP and TIEmu.
Co-admin of TI-Planet.