Implement script sandboxing for main menu

2025-08-01 17:38:41 +00:00 · 2024-11-03 16:53:01 +01:00 · 2024-11-03 16:53:01 +01:00 · ea4ae55e24
commit ea4ae55e24
parent 1fd4e0b82d
10 changed files with 146 additions and 126 deletions
--- a/src/script/cpp_api/s_async.cpp
+++ b/src/script/cpp_api/s_async.cpp
@ -14,10 +14,14 @@ extern "C" {
 #include "server.h"
 #include "s_async.h"
 #include "log.h"
+#include "config.h"
 #include "filesys.h"
 #include "porting.h"
 #include "common/c_internal.h"
 #include "common/c_packer.h"
+#if CHECK_CLIENT_BUILD()
+#include "script/scripting_mainmenu.h"
+#endif
 #include "lua_api/l_base.h"

 /******************************************************************************/
@ -256,7 +260,6 @@ bool AsyncEngine::prepareEnvironment(lua_State* L, int top)
 	return true;
 }

-/******************************************************************************/
 AsyncWorkerThread::AsyncWorkerThread(AsyncEngine* jobDispatcher,
 		const std::string &name) :
 	ScriptApiBase(ScriptingType::Async),
@ -270,6 +273,8 @@ AsyncWorkerThread::AsyncWorkerThread(AsyncEngine* jobDispatcher,

 		if (g_settings->getBool("secure.enable_security"))
 			initializeSecurity();
+	} else {
+		initializeSecurity();
 	}

 	// Prepare job lua environment
@ -287,13 +292,27 @@ AsyncWorkerThread::AsyncWorkerThread(AsyncEngine* jobDispatcher,
 	lua_pop(L, 1);
 }

-/******************************************************************************/
 AsyncWorkerThread::~AsyncWorkerThread()
 {
 	sanity_check(!isRunning());
 }

-/******************************************************************************/
+bool AsyncWorkerThread::checkPathInternal(const std::string &abs_path,
+	bool write_required, bool *write_allowed)
+{
+	auto *L = getStack();
+	// dispatch to the right implementation. this should be refactored some day...
+	if (jobDispatcher->server) {
+		return ScriptApiSecurity::checkPathWithGamedef(L, abs_path, write_required, write_allowed);
+	} else {
+#if CHECK_CLIENT_BUILD()
+		return MainMenuScripting::checkPathAccess(abs_path, write_required, write_allowed);
+#else
+		FATAL_ERROR("should never get here");
+#endif
+	}
+}
+
 void* AsyncWorkerThread::run()
 {
 	if (isErrored)
--- a/src/script/cpp_api/s_async.h
+++ b/src/script/cpp_api/s_async.h
@ -56,10 +56,7 @@ protected:
 	AsyncWorkerThread(AsyncEngine* jobDispatcher, const std::string &name);

 	bool checkPathInternal(const std::string &abs_path, bool write_required,
-		bool *write_allowed) override {
-		return ScriptApiSecurity::checkPathWithGamedef(getStack(),
-			abs_path, write_required, write_allowed);
-	};
+		bool *write_allowed) override;

 private:
 	AsyncEngine *jobDispatcher = nullptr;
--- a/src/script/cpp_api/s_security.cpp
+++ b/src/script/cpp_api/s_security.cpp
@ -66,6 +66,7 @@ void ScriptApiSecurity::initializeSecurity()
 		"core",
 		"collectgarbage",
 		"DIR_DELIM",
+		"PLATFORM",
 		"error",
 		"getfenv",
 		"getmetatable",