X-Git-Url: https://git.lizzy.rs/?a=blobdiff_plain;f=src%2Fscript%2Fcpp_api%2Fs_security.h;h=880ce1638b7765045193605f40606496c4e4781d;hb=ec9f1575121e3b064b919bca7efddfa8b0fc4e65;hp=4a4389cf5187bbd9594ba123871be78899819e27;hpb=3a8c7888807e4483bbdb3edd81c9893f3e2f427d;p=minetest.git diff --git a/src/script/cpp_api/s_security.h b/src/script/cpp_api/s_security.h index 4a4389cf5..880ce1638 100644 --- a/src/script/cpp_api/s_security.h +++ b/src/script/cpp_api/s_security.h @@ -17,21 +17,23 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef S_SECURITY_H -#define S_SECURITY_H +#pragma once #include "cpp_api/s_base.h" -#define CHECK_SECURE_PATH(L, path) \ - if (!ScriptApiSecurity::checkPath(L, path)) { \ - lua_pushstring(L, (std::string("Attempt to access external file ") + \ - path + " with mod security on.").c_str()); \ - lua_error(L); \ +#define CHECK_SECURE_PATH_INTERNAL(L, path, write_required, ptr) \ + if (!ScriptApiSecurity::checkPath(L, path, write_required, ptr)) { \ + throw LuaError(std::string("Mod security: Blocked attempted ") + \ + (write_required ? "write to " : "read from ") + path); \ } -#define CHECK_SECURE_PATH_OPTIONAL(L, path) \ +#define CHECK_SECURE_PATH(L, path, write_required) \ if (ScriptApiSecurity::isSecure(L)) { \ - CHECK_SECURE_PATH(L, path); \ + CHECK_SECURE_PATH_INTERNAL(L, path, write_required, NULL); \ + } +#define CHECK_SECURE_PATH_POSSIBLE_WRITE(L, path, ptr) \ + if (ScriptApiSecurity::isSecure(L)) { \ + CHECK_SECURE_PATH_INTERNAL(L, path, false, ptr); \ } @@ -40,14 +42,27 @@ class ScriptApiSecurity : virtual public ScriptApiBase public: // Sets up security on the ScriptApi's Lua state void initializeSecurity(); + void initializeSecurityClient(); // Checks if the Lua state has been secured static bool isSecure(lua_State *L); + // Loads a string as Lua code safely (doesn't allow bytecode). + static bool safeLoadString(lua_State *L, const std::string &code, const char *chunk_name); // Loads a file as Lua code safely (doesn't allow bytecode). - static bool safeLoadFile(lua_State *L, const char *path); - // Checks if mods are allowed to read and write to the path - static bool checkPath(lua_State *L, const char *path); + static bool safeLoadFile(lua_State *L, const char *path, const char *display_name = NULL); + // Checks if mods are allowed to read (and optionally write) to the path + static bool checkPath(lua_State *L, const char *path, bool write_required, + bool *write_allowed=NULL); + // Check if mod is whitelisted in the given setting + // This additionally checks that the mod's main file scope is executing. + static bool checkWhitelisted(lua_State *L, const std::string &setting); private: + int getThread(lua_State *L); + // sets the enviroment to the table thats on top of the stack + void setLuaEnv(lua_State *L, int thread); + // creates an empty Lua environment + void createEmptyEnv(lua_State *L); + // Syntax: "sl_" '_' // (sl stands for Secure Lua) @@ -64,7 +79,5 @@ class ScriptApiSecurity : virtual public ScriptApiBase static int sl_os_rename(lua_State *L); static int sl_os_remove(lua_State *L); + static int sl_os_setlocale(lua_State *L); }; - -#endif -