Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Add a comment to the Lemon documentation regarding the security of the lemon.exe command-line tool. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: | 4c2458c1908181dc2f6bc594395c06d0 |
| User & Date: | drh 2017-06-01 01:53:19 |
Context
|
2017-06-02
| ||
| 13:16 | Fix a typo in the header comment of the "series.c" virtual table extension. check-in: d637feb4 user: drh tags: trunk | |
|
2017-06-01
| ||
| 01:53 | Add a comment to the Lemon documentation regarding the security of the lemon.exe command-line tool. check-in: 4c2458c1 user: drh tags: trunk | |
|
2017-05-31
| ||
| 17:30 | Add the SQLITE_STMTSTATUS_MEMUSED opcode to sqlite3_stmt_status() for finding the heap memory usage by a single prepared statement. check-in: c26cf978 user: drh tags: trunk | |
Changes
Changes to doc/lemon.html.
18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
Lemon also implements features that can be used to eliminate resource leaks, making is suitable for use in long-running programs such as graphical user interfaces or embedded controllers.</p> <p>This document is an introduction to the Lemon parser generator.</p> <h2>Theory of Operation</h2> <p>The main goal of Lemon is to translate a context free grammar (CFG) for a particular language into C code that implements a parser for that language. The program has two inputs: |
> > > > > > > > > > > > > > > > > > > > |
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
Lemon also implements features that can be used to eliminate resource leaks, making is suitable for use in long-running programs such as graphical user interfaces or embedded controllers.</p> <p>This document is an introduction to the Lemon parser generator.</p> <h2>Security Note</h2> <p>The language parser code created by Lemon is very robust and is well-suited for use in internet-facing applications that need to safely process maliciously crafted inputs. <p>The "lemon.exe" command-line tool itself works great when given a valid input grammar file and almost always gives helpful error messages for malformed inputs. However, it is possible for a malicious user to craft a grammar file that will cause lemon.exe to crash. We do not see this as a problem, as lemon.exe is not intended to be used with hostile inputs. To summarize:</p> <ul> <li>Parser code generated by lemon → Robust and secure <li>The "lemon.exe" command line tool itself → Not so much </ul> <h2>Theory of Operation</h2> <p>The main goal of Lemon is to translate a context free grammar (CFG) for a particular language into C code that implements a parser for that language. The program has two inputs: |