Commit Graph

16 Commits

Author SHA1 Message Date
red-001
2e3778ec0c Block access to the io library 2017-03-19 12:34:33 +01:00
red-001
a50d07d39a [CSM] Improve security for client-sided mods (#5100) 2017-03-13 23:56:05 +01:00
Loic Blot
2efae3ffd7 [CSM] Client side modding
* rename GameScripting to ServerScripting
* Make getBuiltinLuaPath static serverside
* Add on_shutdown callback
* Add on_receiving_chat_message & on_sending_chat_message callbacks
* ScriptApiBase: use IGameDef instead of Server
  This permits to share common attribute between client & server
* Enable mod security in client side modding without conditions
2017-03-13 23:56:05 +01:00
Loïc Blot
39123fcce5 Remove os.exit from the Lua secure sandbox (#5090)
os.exit will exit not using proper resource liberation paths.

Mods should call the proper exit mod using our API
2017-01-21 22:05:54 +01:00
ShadowNinja
0f0502109e Security: Fix resolving of some relative paths
Trying to resolve a path with RemoveRelativePathComponents that can't
be resolved without leaving leading parent components (e.g. "../worlds/foo"
or "bar/../../worlds/foo") will fail.  To work around this, we leave
the relative components and simply remove the trailing components one
at a time, and bail out when we find a parent component.  This will
still fail for paths like "worlds/foo/noexist/../auth.txt" (the path
before the last parent component must not exist), but this is fine
since you won't be able to open a file with a path like that anyways
(the O.S. will determine that the path doesn't exist.
Try `cat /a/../etc/passwd`).
2016-12-20 17:17:38 +10:00
ShadowNinja
59f84ca0a0 Mod security: Allow read-only access to all mod paths 2016-12-20 06:34:04 +00:00
ShadowNinja
3af5eef964 Fix secure io.lines
It used to drop all of the return values from the
insecure version of the function.
2016-11-24 10:10:20 -05:00
ShadowNinja
9e10f9f49a Fix secure io.open without mode 2016-11-24 09:58:21 -05:00
Zeno-
b5c84c34ce Fix memory leak in ::safeLoadFile (#4730) 2016-11-05 15:10:49 +10:00
David Carlier
48b3bb980d couple of memory leaks fixes. 2016-08-10 16:59:32 +02:00
Zeno-
a9bc7dc405 Remove unused code in s_security.cpp (#4172)
Note that the macro CHECK_FILE_ERR implements the code removed
2016-05-30 22:37:40 +10:00
ShadowNinja
abd4a79acb Remove debug.getupvalue from the Lua sandbox whitelist
This function could be used to steal insecure environments from trusted mods.
2016-03-03 00:09:05 -05:00
Kahrl
8658c8d9b5 Use numeric indices and raw table access with LUA_REGISTRYINDEX 2015-08-27 01:56:06 +02:00
est31
502e40a649 dofile error reporting for syntax errors
According to doc, dofile() raises an error when parsing failed due to syntax errors.
Fixes #2775
2015-06-12 20:23:31 +02:00
SmallJoker
39869aaa25 Fix Windows build, clean up included headers
Also fix a startup error caused by s_security.cpp
2015-05-22 20:37:59 +02:00
ShadowNinja
3a8c788880 Add mod security
Due to compatibility concerns, this is temporarily disabled.
2015-05-16 18:32:31 -04:00