s__security_8h_source.html

// Luanti

// SPDX-License-Identifier: LGPL-2.1-or-later

// Copyright (C) 2013 celeron55, Perttu Ahola <celeron55@gmail.com>


#pragma once


#include "cpp_api/s_base.h"


#define CHECK_SECURE_PATH_INTERNAL(L, path, write_required, ptr) \

        if (!ScriptApiSecurity::checkPath(L, path, write_required, ptr)) { \

                throw LuaError(std::string("Mod security: Blocked attempted ") + \

                                (write_required ? "write to " : "read from ") + path); \

        }


#define CHECK_SECURE_PATH(L, path, write_required) \

        if (ScriptApiSecurity::isSecure(L)) { \

                CHECK_SECURE_PATH_INTERNAL(L, path, write_required, NULL); \

        }


#define CHECK_SECURE_PATH_POSSIBLE_WRITE(L, path, ptr) \

        if (ScriptApiSecurity::isSecure(L)) { \

                CHECK_SECURE_PATH_INTERNAL(L, path, false, ptr); \

        }


class ScriptApiSecurity : virtual public ScriptApiBase

{

public:

        // Sets up security on the ScriptApi's Lua state

        void initializeSecurity();

        void initializeSecurityClient();

        // Checks if the Lua state has been secured

        static bool isSecure(lua_State *L);

        // Loads a string as Lua code safely (doesn't allow bytecode).

        static bool safeLoadString(lua_State *L, const std::string &code, const char *chunk_name);

        // Loads a file as Lua code safely (doesn't allow bytecode).

        static bool safeLoadFile(lua_State *L, const char *path, const char *display_name = NULL);

        // Check if mod is whitelisted in the given setting

        // This additionally checks that the mod's main file scope is executing.

        static bool checkWhitelisted(lua_State *L, const std::string &setting);

        // Checks if mods are allowed to read (and optionally write) to the path

        static bool checkPath(lua_State *L, const char *path, bool write_required,

                        bool *write_allowed=NULL);


private:

        int getThread(lua_State *L);

        // sets the enviroment to the table thats on top of the stack

        void setLuaEnv(lua_State *L, int thread);

        // creates an empty Lua environment

        void createEmptyEnv(lua_State *L);


        // Syntax: "sl_" <Library name or 'g' (global)> '_' <Function name>

        // (sl stands for Secure Lua)


        static int sl_g_dofile(lua_State *L);

        static int sl_g_load(lua_State *L);

        static int sl_g_loadfile(lua_State *L);

        static int sl_g_loadstring(lua_State *L);

        static int sl_g_require(lua_State *L);


        static int sl_io_open(lua_State *L);

        static int sl_io_input(lua_State *L);

        static int sl_io_output(lua_State *L);

        static int sl_io_lines(lua_State *L);


        static int sl_os_rename(lua_State *L);

        static int sl_os_remove(lua_State *L);

        static int sl_os_setlocale(lua_State *L);

};


ScriptApiBase
Definition s_base.h:64

ScriptApiSecurity
Definition s_security.h:26

ScriptApiSecurity::sl_os_remove
static int sl_os_remove(lua_State *L)
Definition s_security.cpp:893

ScriptApiSecurity::sl_os_setlocale
static int sl_os_setlocale(lua_State *L)
Definition s_security.cpp:906

ScriptApiSecurity::initializeSecurityClient
void initializeSecurityClient()
Definition s_security.cpp:263

ScriptApiSecurity::initializeSecurity
void initializeSecurity()
Definition s_security.cpp:62

ScriptApiSecurity::safeLoadFile
static bool safeLoadFile(lua_State *L, const char *path, const char *display_name=NULL)
Definition s_security.cpp:434

ScriptApiSecurity::sl_g_loadstring
static int sl_g_loadstring(lua_State *L)
Definition s_security.cpp:772

ScriptApiSecurity::checkPath
static bool checkPath(lua_State *L, const char *path, bool write_required, bool *write_allowed=NULL)
Definition s_security.cpp:525

ScriptApiSecurity::getThread
int getThread(lua_State *L)
Definition s_security.cpp:378

ScriptApiSecurity::sl_g_require
static int sl_g_require(lua_State *L)
Definition s_security.cpp:795

ScriptApiSecurity::sl_os_rename
static int sl_os_rename(lua_State *L)
Definition s_security.cpp:875

ScriptApiSecurity::sl_io_open
static int sl_io_open(lua_State *L)
Definition s_security.cpp:802

ScriptApiSecurity::sl_g_loadfile
static int sl_g_loadfile(lua_State *L)
Definition s_security.cpp:729

ScriptApiSecurity::sl_io_input
static int sl_io_input(lua_State *L)
Definition s_security.cpp:830

ScriptApiSecurity::sl_io_lines
static int sl_io_lines(lua_State *L)
Definition s_security.cpp:858

ScriptApiSecurity::sl_g_dofile
static int sl_g_dofile(lua_State *L)
Definition s_security.cpp:675

ScriptApiSecurity::createEmptyEnv
void createEmptyEnv(lua_State *L)
Definition s_security.cpp:389

ScriptApiSecurity::isSecure
static bool isSecure(lua_State *L)
Definition s_security.cpp:409

ScriptApiSecurity::safeLoadString
static bool safeLoadString(lua_State *L, const std::string &code, const char *chunk_name)
Definition s_security.cpp:423

ScriptApiSecurity::sl_io_output
static int sl_io_output(lua_State *L)
Definition s_security.cpp:844

ScriptApiSecurity::sl_g_load
static int sl_g_load(lua_State *L)
Definition s_security.cpp:690

ScriptApiSecurity::checkWhitelisted
static bool checkWhitelisted(lua_State *L, const std::string &setting)
Definition s_security.cpp:518

ScriptApiSecurity::setLuaEnv
void setLuaEnv(lua_State *L, int thread)
Definition s_security.cpp:396

s_base.h