oss/luanti
oss/luanti
1
0
Fork 0
mirror of https://github.com/luanti-org/luanti.git synced 2025-08-21 18:11:11 +00:00
Code Wiki Activity

Refactor ScriptApiSecurity for cleaner separation of concerns

Browse source
This commit is contained in:
sfan5 2024-11-03 14:24:35 +01:00
parent 4c44942a39
commit 1fd4e0b82d
11 changed files with 229 additions and 135 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/script/common/c_internal.cpp
View file

@ -3,6 +3,7 @@
// Copyright (C) 2013 celeron55, Perttu Ahola <celeron55@gmail.com>
#include "common/c_internal.h"
#include "cpp_api/s_security.h"
#include "util/numeric.h"
#include "debug.h"
#include "log.h"
@ -184,12 +185,9 @@ void log_deprecated(lua_State *L, std::string_view message, int stack_depth, boo
void call_string_dump(lua_State *L, int idx)
{
// Retrieve string.dump from insecure env to avoid it being tampered with
lua_rawgeti(L, LUA_REGISTRYINDEX, CUSTOM_RIDX_GLOBALS_BACKUP);
if (!lua_isnil(L, -1))
lua_getfield(L, -1, "string");
else
lua_getglobal(L, "string");
// Retrieve string.dump from untampered env
ScriptApiSecurity::getGlobalsBackup(L);
lua_getfield(L, -1, "string");
lua_getfield(L, -1, "dump");
lua_remove(L, -2); // remove _G
lua_remove(L, -2); // remove 'string' table

1
src/script/common/c_internal.h
View file

@ -39,6 +39,7 @@ enum {
#endif
CUSTOM_RIDX_SCRIPTAPI,
/// @warning don't use directly, `ScriptApiSecurity` has wrappers
CUSTOM_RIDX_GLOBALS_BACKUP,
CUSTOM_RIDX_CURRENT_MOD_NAME,
CUSTOM_RIDX_ERROR_HANDLER,