| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
that are scanned into it. (#5965)
* Load client-side mods into memory before executing them.
This removes the remaining filesystem access that client-sided mods had and it will hopefully make then more secure.
* Lua Virtual filesystem: don't load the files into memory just scan the filenames into memory.
* Fix the issues with backtrace
* fix most of the issues
* fix code style.
* add a comment
|
|
|
|
|
|
|
|
|
|
| |
* Resource leak: CHECK_FILE_ERR returns, without freeing chunk_name.
Found with static analysis.
* Resource leak: leaks `page` on error path.
Found with static analysis.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* rename GameScripting to ServerScripting
* Make getBuiltinLuaPath static serverside
* Add on_shutdown callback
* Add on_receiving_chat_message & on_sending_chat_message callbacks
* ScriptApiBase: use IGameDef instead of Server
This permits to share common attribute between client & server
* Enable mod security in client side modding without conditions
|
|
|
|
|
| |
os.exit will exit not using proper resource liberation paths.
Mods should call the proper exit mod using our API
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Trying to resolve a path with RemoveRelativePathComponents that can't
be resolved without leaving leading parent components (e.g. "../worlds/foo"
or "bar/../../worlds/foo") will fail. To work around this, we leave
the relative components and simply remove the trailing components one
at a time, and bail out when we find a parent component. This will
still fail for paths like "worlds/foo/noexist/../auth.txt" (the path
before the last parent component must not exist), but this is fine
since you won't be able to open a file with a path like that anyways
(the O.S. will determine that the path doesn't exist.
Try `cat /a/../etc/passwd`).
|
| |
|
|
|
|
|
| |
It used to drop all of the return values from the
insecure version of the function.
|
| |
|
| |
|
| |
|
|
|
| |
Note that the macro CHECK_FILE_ERR implements the code removed
|
|
|
|
| |
This function could be used to steal insecure environments from trusted mods.
|
| |
|
|
|
|
|
| |
According to doc, dofile() raises an error when parsing failed due to syntax errors.
Fixes #2775
|
|
|
|
| |
Also fix a startup error caused by s_security.cpp
|
|
Due to compatibility concerns, this is temporarily disabled.
|