diff options
author | red-001 <red-001@outlook.ie> | 2017-01-28 21:43:06 +0000 |
---|---|---|
committer | Loic Blot <loic.blot@unix-experience.fr> | 2017-03-19 12:34:33 +0100 |
commit | 2e3778ec0c1f77007d064d15310fa816e2a07e88 (patch) | |
tree | 6c1a0657057b8f1a549554523d7b5ab1cf49f763 /src/script/cpp_api | |
parent | f8ad01ab7c4cf012781bd4caa821544e676c9267 (diff) | |
download | minetest-2e3778ec0c1f77007d064d15310fa816e2a07e88.tar.gz minetest-2e3778ec0c1f77007d064d15310fa816e2a07e88.tar.bz2 minetest-2e3778ec0c1f77007d064d15310fa816e2a07e88.zip |
Block access to the `io` library
Diffstat (limited to 'src/script/cpp_api')
-rw-r--r-- | src/script/cpp_api/s_security.cpp | 30 |
1 files changed, 4 insertions, 26 deletions
diff --git a/src/script/cpp_api/s_security.cpp b/src/script/cpp_api/s_security.cpp index c6aad71b8..ec3a52e8e 100644 --- a/src/script/cpp_api/s_security.cpp +++ b/src/script/cpp_api/s_security.cpp @@ -123,6 +123,7 @@ void ScriptApiSecurity::initializeSecurity() "path", "searchpath", }; +#if USE_LUAJIT static const char *jit_whitelist[] = { "arch", "flush", @@ -134,7 +135,7 @@ void ScriptApiSecurity::initializeSecurity() "version", "version_num", }; - +#endif m_secure = true; lua_State *L = getStack(); @@ -245,13 +246,6 @@ void ScriptApiSecurity::initializeSecurityClient() "table", "math", }; - static const char *io_whitelist[] = { - "close", - "flush", - "read", - "type", - "write", - }; static const char *os_whitelist[] = { "clock", "date", @@ -263,6 +257,7 @@ void ScriptApiSecurity::initializeSecurityClient() "getinfo", }; +#if USE_LUAJIT static const char *jit_whitelist[] = { "arch", "flush", @@ -274,6 +269,7 @@ void ScriptApiSecurity::initializeSecurityClient() "version", "version_num", }; +#endif m_secure = true; @@ -294,20 +290,6 @@ void ScriptApiSecurity::initializeSecurityClient() lua_pop(L, 1); - // Copy safe IO functions - lua_getfield(L, old_globals, "io"); - lua_newtable(L); - copy_safe(L, io_whitelist, sizeof(io_whitelist)); - - // And replace unsafe ones - SECURE_API(io, open); - SECURE_API(io, input); - SECURE_API(io, output); - SECURE_API(io, lines); - - lua_setglobal(L, "io"); - lua_pop(L, 1); // Pop old IO - // Copy safe OS functions lua_getfield(L, old_globals, "os"); @@ -324,10 +306,6 @@ void ScriptApiSecurity::initializeSecurityClient() lua_setglobal(L, "debug"); lua_pop(L, 1); // Pop old debug - // Remove all of package - lua_newtable(L); - lua_setglobal(L, "package"); - #if USE_LUAJIT // Copy safe jit functions, if they exist lua_getfield(L, -1, "jit"); |