Lua: Endless loop and no limit on memory

[GoogleCodeExporter]

The following will freeze forever:
function main()
  while 2 < 5 do
  end
end

Using too much RAM can crash after using up 2 GB of RAM:
array1 = {}
function main()
  local i = 1
  while i < 100000000 do
    array1[i] = {{{{{{{{{{}}}}}}}}}}
    i = i + 1
  end
end

A single {} might not crash Windows 32 bit, but will memory leak after LUA 
memory exception.

Allowing users to upload these levelgen can kill the server. Limiting LUA 
memory usage and execution time may solve this.

Original issue reported on code.google.com by [email protected] on 12 Jan 2015 at 9:29

[GoogleCodeExporter]

Would also be nice to allow editor plugin users to (optionally) kill a 
long-running plugin.

Original comment by [email protected] on 20 Jan 2015 at 6:24

[GoogleCodeExporter]

This is all doable... but is it worth the effort?

Original comment by [email protected] on 27 Apr 2015 at 5:30

[GoogleCodeExporter]

Actually, if we are permitting users to upload scripts to a server, then it may 
be.  But are we?

Original comment by [email protected] on 27 Apr 2015 at 5:30

[GoogleCodeExporter]

I'm not sure we are permitting uploading scripts - but we do allow downloading 
from pleiades which is another attack vector as well.  I suspect sam686 or kaen 
did fix uploading levelgen with the level as an admin.

Original comment by buckyballreaction on 27 Apr 2015 at 12:49