Create a filesystem abstraction layer for CSM and only allow accessing files that are scanned into it. (#5965)

* Load client-side mods into memory before executing them. This removes the remaining filesystem access that client-sided mods had and it will hopefully make then more secure. * Lua Virtual filesystem: don't load the files into memory just scan the filenames into memory. * Fix the issues with backtrace * fix most of the issues * fix code style. * add a comment
2025-08-11 17:51:04 +00:00 · 2017-06-30 19:14:39 +01:00 · 2017-06-30 19:14:39 +01:00 · f3ad75691a
commit f3ad75691a
parent 2e53801fc0
24 changed files with 230 additions and 101 deletions
--- a/src/script/cpp_api/s_base.cpp
+++ b/src/script/cpp_api/s_base.cpp
@ -89,8 +89,10 @@ ScriptApiBase::ScriptApiBase()
 	lua_rawseti(m_luastack, LUA_REGISTRYINDEX, CUSTOM_RIDX_SCRIPTAPI);

 	// Add and save an error handler
-	lua_pushcfunction(m_luastack, script_error_handler);
-	lua_rawseti(m_luastack, LUA_REGISTRYINDEX, CUSTOM_RIDX_ERROR_HANDLER);
+	lua_getglobal(m_luastack, "debug");
+	lua_getfield(m_luastack, -1, "traceback");
+	lua_rawseti(m_luastack, LUA_REGISTRYINDEX, CUSTOM_RIDX_BACKTRACE);
+	lua_pop(m_luastack, 1); // pop debug

 	// If we are using LuaJIT add a C++ wrapper function to catch
 	// exceptions thrown in Lua -> C++ calls
@ -158,6 +160,35 @@ void ScriptApiBase::loadScript(const std::string &script_path)
 	lua_pop(L, 1); // Pop error handler
 }

+#ifndef SERVER
+void ScriptApiBase::loadModFromMemory(const std::string &mod_name)
+{
+	ModNameStorer mod_name_storer(getStack(), mod_name);
+
+	const std::string *init_filename = getClient()->getModFile(mod_name + ":init.lua");
+	const std::string display_filename = mod_name + ":init.lua";
+	if(init_filename == NULL)
+		throw ModError("Mod:\"" + mod_name + "\" lacks init.lua");
+
+	verbosestream << "Loading and running script " << display_filename << std::endl;
+
+	lua_State *L = getStack();
+
+	int error_handler = PUSH_ERROR_HANDLER(L);
+
+	bool ok = ScriptApiSecurity::safeLoadFile(L, init_filename->c_str(), display_filename.c_str());
+	if (ok)
+		ok = !lua_pcall(L, 0, 0, error_handler);
+	if (!ok) {
+		std::string error_msg = luaL_checkstring(L, -1);
+		lua_pop(L, 2); // Pop error message and error handler
+		throw ModError("Failed to load and run mod \"" +
+				mod_name + "\":\n" + error_msg);
+	}
+	lua_pop(L, 1); // Pop error handler
+}
+#endif
+
 // Push the list of callbacks (a lua table).
 // Then push nargs arguments.
 // Then call this function, which