Skip to content

Commit 94bd9c5

Browse files
authored
Merge pull request #316 from Dezash/feature/os-lib
Enable safe Lua os.* functions
2 parents 98e8454 + 944c01b commit 94bd9c5

File tree

2 files changed

+28
-0
lines changed

2 files changed

+28
-0
lines changed

Client/mods/deathmatch/logic/lua/CLuaMain.cpp

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,19 @@ void CLuaMain::ResetInstructionCount(void)
7373

7474
void CLuaMain::InitSecurity(void)
7575
{
76+
// Disable dangerous Lua Os library functions
77+
static const luaL_reg osfuncs[] =
78+
{
79+
{ "execute", CLuaUtilDefs::DisabledFunction },
80+
{ "rename", CLuaUtilDefs::DisabledFunction },
81+
{ "remove", CLuaUtilDefs::DisabledFunction },
82+
{ "exit", CLuaUtilDefs::DisabledFunction },
83+
{ "getenv", CLuaUtilDefs::DisabledFunction },
84+
{ "tmpname", CLuaUtilDefs::DisabledFunction },
85+
{ NULL, NULL }
86+
};
87+
luaL_register(m_luaVM, "os", osfuncs);
88+
7689
lua_register(m_luaVM, "dofile", CLuaUtilDefs::DisabledFunction);
7790
lua_register(m_luaVM, "loadfile", CLuaUtilDefs::DisabledFunction);
7891
lua_register(m_luaVM, "require", CLuaUtilDefs::DisabledFunction);
@@ -141,6 +154,7 @@ void CLuaMain::InitVM(void)
141154
luaopen_table(m_luaVM);
142155
luaopen_debug(m_luaVM);
143156
luaopen_utf8(m_luaVM);
157+
luaopen_os(m_luaVM);
144158

145159
// Initialize security restrictions. Very important to prevent lua trojans and viruses!
146160
InitSecurity();

Server/mods/deathmatch/logic/lua/CLuaMain.cpp

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,19 @@ void CLuaMain::ResetInstructionCount(void)
108108

109109
void CLuaMain::InitSecurity(void)
110110
{
111+
// Disable dangerous Lua Os library functions
112+
static const luaL_reg osfuncs[] =
113+
{
114+
{ "execute", CLuaUtilDefs::DisabledFunction },
115+
{ "rename", CLuaUtilDefs::DisabledFunction },
116+
{ "remove", CLuaUtilDefs::DisabledFunction },
117+
{ "exit", CLuaUtilDefs::DisabledFunction },
118+
{ "getenv", CLuaUtilDefs::DisabledFunction },
119+
{ "tmpname", CLuaUtilDefs::DisabledFunction },
120+
{ NULL, NULL }
121+
};
122+
luaL_register(m_luaVM, "os", osfuncs);
123+
111124
lua_register(m_luaVM, "dofile", CLuaUtilDefs::DisabledFunction);
112125
lua_register(m_luaVM, "loadfile", CLuaUtilDefs::DisabledFunction);
113126
lua_register(m_luaVM, "require", CLuaUtilDefs::DisabledFunction);
@@ -172,6 +185,7 @@ void CLuaMain::InitVM(void)
172185
luaopen_table(m_luaVM);
173186
luaopen_debug(m_luaVM);
174187
luaopen_utf8(m_luaVM);
188+
luaopen_os(m_luaVM);
175189

176190
// Initialize security restrictions. Very important to prevent lua trojans and viruses!
177191
InitSecurity();

0 commit comments

Comments
 (0)