fiddlerwoaroof/crawl - Change AVSMB4Y6F6ZMMNNPOAQQZ34OWC6N5JOURTEWFTUKDWMIIMLWWJUAC

Override loadfile and dofile in the Lua user-script interpreter so they have to

use datafile_path, and cannot use shell metacharacters (not that it matters) and ../ paths. Multiple loading is not prevented; we could probably add another function that does that.

git-svn-id: https://crawl-ref.svn.sourceforge.net/svnroot/crawl-ref/trunk@1614 c06c8d41-db1a-0410-9941-cceddc491573

Created by dshaligram on June 21, 2007

AVSMB4Y6F6ZMMNNPOAQQZ34OWC6N5JOURTEWFTUKDWMIIMLWWJUAC

Dependencies

In channels

main

Change contents

Insertion in crawl-ref/source/libutil.h at line 28 [5.2493627]
[2.677]
[4.965]
```
bool shell_safe(const char *file);
```

Insertion in crawl-ref/source/clua.h at line 76 [6.481234]

[6.482440]

    static int loadfile(lua_State *ls, const char *file);
    static bool is_path_safe(const char *file);

Deletion in crawl-ref/source/clua.h at line 111 [6.481234]
B:BD[7.1667] → [7.1667:1691]
```
    void guard_pcall();
```
Insertion in crawl-ref/source/clua.cc at line 52 [6.483969]
[6.484842]
[7.1872]
```
static int clua_panic(lua_State *);
```

Replacement in crawl-ref/source/clua.cc at line 56 [6.483969]

B:BD[7.1974] → [3.662:698]

static int clua_panic(lua_State *);

[7.1974]

[6.484853]

static int clua_dofile(lua_State *);
static int clua_loadfile(lua_State *);

Insertion in crawl-ref/source/clua.cc at line 217 [6.483969]

[6.487256]

}
bool CLua::is_path_safe(const char *s)
{
    return (!strstr(s, "..") && shell_safe(s));
}
int CLua::loadfile(lua_State *ls, const char *filename)
{
    if (!ls)
        return (-1);
    if (!is_path_safe(filename))
    {
        lua_pushstring(
            ls,
            make_stringf("invalid filename: %s", filename).c_str());
        return (-1);
    }
    
    const std::string file = datafile_path(filename, false);
    return (luaL_loadfile(ls, file.c_str()));

Deletion in crawl-ref/source/clua.cc at line 247 [6.483969]

B:BD[6.487418] → [6.487418:487580]


    FILE *f = fopen(filename, "r");
    if (f)
        fclose(f);
    else
    {
        error = std::string("Can't read ") + filename;
        return -1;
    }

Replacement in crawl-ref/source/clua.cc at line 249 [6.483969]

B:BD[6.487610] → [6.487610:487690]

    if (!ls)
        return -1;
    
    int err = luaL_loadfile(ls, filename);

[6.487610]

[7.2941]

    int err = loadfile(ls, filename);

Replacement in crawl-ref/source/clua.cc at line 585 [6.483969]

B:BD[7.3083] → [7.3083:3359]

        guard_pcall();
}
void CLua::guard_pcall()
{
    // Replace Lua's pcall() with our own version which doesn't swallow
    // 666: errors that we generate for buggy or malicious scripts that try
    // to hog CPU.
    lua_register(_state, "pcall", clua_guarded_pcall);

[7.3083]

[6.495302]

    {
        lua_register(_state, "pcall", clua_guarded_pcall);
        lua_register(_state, "loadfile", clua_loadfile);
        lua_register(_state, "dofile", clua_dofile);
    }

Insertion in crawl-ref/source/clua.cc at line 2460 [6.483969]

[7.4292]

[6.540287]

}
lua_call_throttle::lua_call_throttle(CLua *_lua)
    : lua(_lua)
{
    lua->init_throttle();
    if (!lua->mixed_call_depth++)
        lua_map[lua->state()] = lua;
}
lua_call_throttle::~lua_call_throttle()
{
    if (!--lua->mixed_call_depth)
        lua_map.erase(lua->state());
}
CLua *lua_call_throttle::find_clua(lua_State *ls)
{
    lua_clua_map::iterator i = lua_map.find(ls);
    return (i != lua_map.end()? i->second : NULL);

Replacement in crawl-ref/source/clua.cc at line 2518 [6.483969]
B:BD[7.5454] → [7.5454:5519]
```
lua_call_throttle::lua_call_throttle(CLua *_lua)
    : lua(_lua)
```
[7.5454]
[7.5519]
```
static int clua_loadfile(lua_State *ls)
```

Replacement in crawl-ref/source/clua.cc at line 2520 [6.483969]

B:BD[7.5521] → [7.5521:5620]

    lua->init_throttle();
    if (!lua->mixed_call_depth++)
        lua_map[lua->state()] = lua;
}

[7.5521]

[7.5620]

    const char *file = luaL_checkstring(ls, 1);
    if (!file)
        return (0);

Replacement in crawl-ref/source/clua.cc at line 2524 [6.483969]

B:BD[7.5621] → [7.5621:5734]

lua_call_throttle::~lua_call_throttle()
{
    if (!--lua->mixed_call_depth)
        lua_map.erase(lua->state());

[7.5621]

[7.5734]

    const int err = CLua::loadfile(ls, file);
    if (err)
    {
        const int place = lua_gettop(ls);
        lua_pushnil(ls);
        lua_insert(ls, place);
        return (2);
    }
    return (1);

Replacement in crawl-ref/source/clua.cc at line 2535 [6.483969]
B:BD[7.5737] → [7.5737:5787]
```
CLua *lua_call_throttle::find_clua(lua_State *ls)
```
[7.5737]
[7.5787]
```
static int clua_dofile(lua_State *ls)
```

Replacement in crawl-ref/source/clua.cc at line 2537 [6.483969]

B:BD[7.5789] → [7.5789:5889]

    lua_clua_map::iterator i = lua_map.find(ls);
    return (i != lua_map.end()? i->second : NULL);

[7.5789]

[7.5889]

    const char *file = luaL_checkstring(ls, 1);
    if (!file)
        return (0);
    const int err = CLua::loadfile(ls, file);
    if (err)
        return (lua_error(ls));
    lua_call(ls, 0, LUA_MULTRET);
    return (lua_gettop(ls));