diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2010-11-15 09:36:17 +0200 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2010-11-15 09:49:14 +0200 |
| commit | f8752d2ca3bdaa3162f681b5c6f7973c3e171171 (patch) | |
| tree | 84926f574a6df4fa6a249315f2153ceaec674d6f /luaext | |
| parent | 3ce48d03062843a68837917064d51ebdff834a4b (diff) | |
| download | librpm-tizen-f8752d2ca3bdaa3162f681b5c6f7973c3e171171.tar.gz librpm-tizen-f8752d2ca3bdaa3162f681b5c6f7973c3e171171.tar.bz2 librpm-tizen-f8752d2ca3bdaa3162f681b5c6f7973c3e171171.zip | |
Basic protection against Lua os.exit() and posix.exec() (ticket #167)
- Track posix.fork() and only allow exit() and exec() if the script
has forked. There are other questionable items in posix extensions
too but these are the worst offenders.
- Using Lua registry for tracking forked status might be more Lua-way
option but this'll do for now.
Diffstat (limited to 'luaext')
| -rw-r--r-- | luaext/lposix.c | 39 | ||||
| -rw-r--r-- | luaext/lposix.h | 1 |
2 files changed, 38 insertions, 2 deletions
diff --git a/luaext/lposix.c b/luaext/lposix.c index 5b26e0c8f..3b251571d 100644 --- a/luaext/lposix.c +++ b/luaext/lposix.c @@ -42,6 +42,8 @@ #include "modemuncher.c" +static int have_forked = 0; + static const char *filetype(mode_t m) { if (S_ISREG(m)) return "regular"; @@ -323,7 +325,12 @@ static int Pexec(lua_State *L) /** exec(path,[args]) */ { const char *path = luaL_checkstring(L, 1); int i,n=lua_gettop(L); - char **argv = malloc((n+1)*sizeof(char*)); + char **argv; + + if (!have_forked) + return luaL_error(L, "exec not permitted in this context"); + + argv = malloc((n+1)*sizeof(char*)); if (argv==NULL) return luaL_error(L,"not enough memory"); argv[0] = (char*)path; for (i=1; i<n; i++) argv[i] = (char*)luaL_checkstring(L, i+1); @@ -335,7 +342,11 @@ static int Pexec(lua_State *L) /** exec(path,[args]) */ static int Pfork(lua_State *L) /** fork() */ { - return pushresult(L, fork(), NULL); + pid_t pid = fork(); + if (pid == 0) { + have_forked = 1; + } + return pushresult(L, pid, NULL); } @@ -852,3 +863,27 @@ LUALIB_API int luaopen_posix (lua_State *L) lua_settable(L,-3); return 1; } + +/* RPM specific overrides for Lua standard library */ + +static int exit_override(lua_State *L) +{ + if (!have_forked) + return luaL_error(L, "exit not permitted in this context"); + + exit(luaL_optint(L, 1, EXIT_SUCCESS)); +} + +static const luaL_reg os_overrides[] = +{ + {"exit", exit_override}, + {NULL, NULL} +}; + +int luaopen_rpm_os(lua_State *L) +{ + lua_pushvalue(L, LUA_GLOBALSINDEX); + luaL_openlib(L, "os", os_overrides, 0); + return 0; +} + diff --git a/luaext/lposix.h b/luaext/lposix.h index e1e819cb3..1f9afe980 100644 --- a/luaext/lposix.h +++ b/luaext/lposix.h @@ -2,5 +2,6 @@ #define LPOSIX_H int luaopen_posix (lua_State *L); +int luaopen_rpm_os (lua_State *L); #endif |