[Freeciv-commits] r35666 - in /trunk: client/luascript/ common/scriptcore/ server/scripting/

Fri, 19 May 2017 16:06:07 -0700 

Author: cazfi
Date: Sat May 20 01:05:45 2017
New Revision: 35666

URL: http://svn.gna.org/viewcvs/freeciv?rev=35666&view=rev
Log:
Let security restrictions of 'game' and 'fcdb' lua instances differ

Requested by Jacob Nevins <jtn>

See hrm Feature #657141

Modified:
    trunk/client/luascript/script_client.c
    trunk/common/scriptcore/luascript.c
    trunk/common/scriptcore/luascript.h
    trunk/server/scripting/script_fcdb.c
    trunk/server/scripting/script_server.c

Modified: trunk/client/luascript/script_client.c
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/client/luascript/script_client.c?rev=35666&r1=35665&r2=35666&view=diff
==============================================================================
--- trunk/client/luascript/script_client.c      (original)
+++ trunk/client/luascript/script_client.c      Sat May 20 01:05:45 2017
@@ -200,7 +200,7 @@
     return TRUE;
   }
 
-  main_fcl = luascript_new(script_client_output);
+  main_fcl = luascript_new(script_client_output, TRUE);
   if (main_fcl == NULL) {
     luascript_destroy(main_fcl); /* TODO: main_fcl is NULL here... */
     main_fcl = NULL;

Modified: trunk/common/scriptcore/luascript.c
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/common/scriptcore/luascript.c?rev=35666&r1=35665&r2=35666&view=diff
==============================================================================
--- trunk/common/scriptcore/luascript.c (original)
+++ trunk/common/scriptcore/luascript.c Sat May 20 01:05:45 2017
@@ -62,13 +62,20 @@
 #define LUASCRIPT_SECURE_LUA_VERSION1 502
 #define LUASCRIPT_SECURE_LUA_VERSION2 503
 
-static const char *luascript_unsafe_symbols[] = {
+static const char *luascript_unsafe_symbols_secure[] = {
   "debug",
   "dofile",
   "loadfile",
   NULL
 };
 
+static const char *luascript_unsafe_symbols_permissive[] = {
+  "debug",
+  "dofile",
+  "loadfile",
+  NULL
+};
+
 #if LUA_VERSION_NUM != LUASCRIPT_SECURE_LUA_VERSION1 && LUA_VERSION_NUM != 
LUASCRIPT_SECURE_LUA_VERSION2
 #warning "The script runtime's unsafe symbols information is not up to date."
 #warning "This can be a big security hole!"
@@ -79,7 +86,7 @@
   and library loading modules). See linit.c in Lua 5.1 for the default list.
 *****************************************************************************/
 #if LUA_VERSION_NUM == 502
-static luaL_Reg luascript_lualibs[] = {
+static luaL_Reg luascript_lualibs_secure[] = {
   /* Using default libraries excluding: package, io and os */
   {"_G", luaopen_base},
   {LUA_COLIBNAME, luaopen_coroutine},
@@ -91,7 +98,7 @@
   {NULL, NULL}
 };
 #elif LUA_VERSION_NUM == 503
-static luaL_Reg luascript_lualibs[] = {
+static luaL_Reg luascript_lualibs_secure[] = {
   /* Using default libraries excluding: package, io, os, and bit32 */
   {"_G", luaopen_base},
   {LUA_COLIBNAME, luaopen_coroutine},
@@ -100,6 +107,19 @@
   {LUA_UTF8LIBNAME, luaopen_utf8},
   {LUA_MATHLIBNAME, luaopen_math},
   {LUA_DBLIBNAME, luaopen_debug},
+  {NULL, NULL}
+};
+
+static luaL_Reg luascript_lualibs_permissive[] = {
+  /* Using default libraries excluding: package, io, os, and bit32 */
+  {"_G", luaopen_base},
+  {LUA_COLIBNAME, luaopen_coroutine},
+  {LUA_TABLIBNAME, luaopen_table},
+  {LUA_STRLIBNAME, luaopen_string},
+  {LUA_UTF8LIBNAME, luaopen_utf8},
+  {LUA_MATHLIBNAME, luaopen_math},
+  {LUA_DBLIBNAME, luaopen_debug},
+  {LUA_OSLIBNAME, luaopen_os},
   {NULL, NULL}
 };
 #else  /* LUA_VERSION_NUM */
@@ -316,7 +336,8 @@
 /*****************************************************************************
   Initialize the scripting state.
 *****************************************************************************/
-struct fc_lua *luascript_new(luascript_log_func_t output_fct)
+struct fc_lua *luascript_new(luascript_log_func_t output_fct,
+                             bool secured_environment)
 {
   struct fc_lua *fcl = fc_calloc(1, sizeof(*fcl));
 
@@ -328,9 +349,15 @@
   fcl->output_fct = output_fct;
   fcl->caller = NULL;
 
-  luascript_openlibs(fcl->state, luascript_lualibs);
-  luascript_traceback_func_save(fcl->state);
-  luascript_blacklist(fcl->state, luascript_unsafe_symbols);
+  if (secured_environment) {
+    luascript_openlibs(fcl->state, luascript_lualibs_secure);
+    luascript_traceback_func_save(fcl->state);
+    luascript_blacklist(fcl->state, luascript_unsafe_symbols_secure);
+  } else {
+    luascript_openlibs(fcl->state, luascript_lualibs_permissive);
+    luascript_traceback_func_save(fcl->state);
+    luascript_blacklist(fcl->state, luascript_unsafe_symbols_permissive);
+  }
 
   /* Save the freeciv lua struct in the lua state. */
   lua_pushstring(fcl->state, LUASCRIPT_GLOBAL_VAR_NAME);

Modified: trunk/common/scriptcore/luascript.h
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/common/scriptcore/luascript.h?rev=35666&r1=35665&r2=35666&view=diff
==============================================================================
--- trunk/common/scriptcore/luascript.h (original)
+++ trunk/common/scriptcore/luascript.h Sat May 20 01:05:45 2017
@@ -61,7 +61,8 @@
 int luascript_arg_error(lua_State *L, int narg, const char *msg);
 
 /* Create / destroy a freeciv lua instance. */
-struct fc_lua *luascript_new(luascript_log_func_t outputfct);
+struct fc_lua *luascript_new(luascript_log_func_t outputfct,
+                             bool secured_environment);
 struct fc_lua *luascript_get_fcl(lua_State *L);
 void luascript_destroy(struct fc_lua *fcl);
 

Modified: trunk/server/scripting/script_fcdb.c
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/server/scripting/script_fcdb.c?rev=35666&r1=35665&r2=35666&view=diff
==============================================================================
--- trunk/server/scripting/script_fcdb.c        (original)
+++ trunk/server/scripting/script_fcdb.c        Sat May 20 01:05:45 2017
@@ -193,7 +193,7 @@
     fcdb_luafile = FC_CONF_PATH "/" SCRIPT_FCDB_LUA_FILE;
   }
 
-  fcl = luascript_new(NULL);
+  fcl = luascript_new(NULL, FALSE);
   if (fcl == NULL) {
     log_error("Error loading the Freeciv database lua definition.");
     return FALSE;

Modified: trunk/server/scripting/script_server.c
URL: 
http://svn.gna.org/viewcvs/freeciv/trunk/server/scripting/script_server.c?rev=35666&r1=35665&r2=35666&view=diff
==============================================================================
--- trunk/server/scripting/script_server.c      (original)
+++ trunk/server/scripting/script_server.c      Sat May 20 01:05:45 2017
@@ -254,7 +254,7 @@
     return TRUE;
   }
 
-  fcl_main = luascript_new(NULL);
+  fcl_main = luascript_new(NULL, TRUE);
   if (fcl_main == NULL) {
     luascript_destroy(fcl_main);
     fcl_main = NULL;


_______________________________________________
Freeciv-commits mailing list
Freeciv-commits@gna.org
https://mail.gna.org/listinfo/freeciv-commits

Reply via email to