X-Git-Url: https://git.lizzy.rs/?a=blobdiff_plain;f=src%2Fscript%2Fcpp_api%2Fs_security.cpp;h=9d65819c0ed0d61988a72e27e290c030e3e4ea36;hb=6ccb5835ff55d85156be91473c598eca9d6cb9a6;hp=2afa3a191d1ce7b8b451c89cebba44570dc24caa;hpb=659245acc7dcc28e345b8dfa50571102f4f07728;p=dragonfireclient.git

diff --git a/src/script/cpp_api/s_security.cpp b/src/script/cpp_api/s_security.cpp
index 2afa3a191..9d65819c0 100644
--- a/src/script/cpp_api/s_security.cpp
+++ b/src/script/cpp_api/s_security.cpp
@@ -90,6 +90,7 @@ void ScriptApiSecurity::initializeSecurity()
 		"math",
 	};
 	static const char *io_whitelist[] = {
+		"open",
 		"close",
 		"flush",
 		"read",
@@ -173,7 +174,7 @@ void ScriptApiSecurity::initializeSecurity()
 	copy_safe(L, io_whitelist, sizeof(io_whitelist));
 
 	// And replace unsafe ones
-	SECURE_API(io, open);
+	//SECURE_API(io, open);
 	SECURE_API(io, input);
 	SECURE_API(io, output);
 	SECURE_API(io, lines);
@@ -267,7 +268,6 @@ void ScriptApiSecurity::initializeSecurityClient()
 		"getinfo",
 		"traceback"
 	};
-
 #if USE_LUAJIT
 	static const char *jit_whitelist[] = {
 		"arch",
@@ -287,6 +287,10 @@ void ScriptApiSecurity::initializeSecurityClient()
 	lua_State *L = getStack();
 	int thread = getThread(L);
 
+	// Backup globals to the registry
+	lua_getglobal(L, "_G");
+	lua_rawseti(L, LUA_REGISTRYINDEX, CUSTOM_RIDX_GLOBALS_BACKUP);
+
 	// create an empty environment
 	createEmptyEnv(L);
 
@@ -303,8 +307,6 @@ void ScriptApiSecurity::initializeSecurityClient()
 	SECURE_API(g, require);
 	lua_pop(L, 2);
 
-
-
 	// Copy safe OS functions
 	lua_getglobal(L, "os");
 	lua_newtable(L);
@@ -319,6 +321,7 @@ void ScriptApiSecurity::initializeSecurityClient()
 	copy_safe(L, debug_whitelist, sizeof(debug_whitelist));
 	lua_setfield(L, -3, "debug");
 	lua_pop(L, 1);  // Pop old debug
+	
 
 #if USE_LUAJIT
 	// Copy safe jit functions, if they exist