Luacontroller: Add safe version of string.rep and remove string.gsub,

fixes #255
This commit is contained in:
Jeija 2016-03-13 22:01:46 +01:00
parent 08b14e3af0
commit 1e77b193dd

@ -205,6 +205,16 @@ local function safe_date()
return(os.date("*t",os.time())) return(os.date("*t",os.time()))
end end
-- string.rep(str, n) with a high value for n can be used to DoS
-- the server. Therefore, limit max. length of generated string.
local function safe_string_rep(str, n)
if #str * n > mesecon.setting("luacontroller_string_rep_max", 64000) then
error("string.rep: string length overflow", 2)
end
return string.rep(str, n)
end
local function remove_functions(x) local function remove_functions(x)
local tp = type(x) local tp = type(x)
if tp == "table" then if tp == "table" then
@ -275,11 +285,10 @@ local function create_environment(pos, mem, event)
byte = string.byte, byte = string.byte,
char = string.char, char = string.char,
format = string.format, format = string.format,
gsub = string.gsub,
len = string.len, len = string.len,
lower = string.lower, lower = string.lower,
upper = string.upper, upper = string.upper,
rep = string.rep, rep = safe_string_rep,
reverse = string.reverse, reverse = string.reverse,
sub = string.sub, sub = string.sub,
}, },
@ -339,7 +348,6 @@ end
local function timeout() local function timeout()
debug.sethook() -- Clear hook
error("Code timed out!", 2) error("Code timed out!", 2)
end end