author | Kartik K. Agaram <vc@akkartik.com> | 2022-03-07 15:40:28 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2022-03-07 15:40:28 -0800 |
commit | f268015ac089d26f9bb957dad53e94ae78a3d8a8 (patch) | |
tree | c5a4cbbdb1b7bed93be954c257d5df8615188d2e /src/lua.c | |
parent | cfb7cff4c111959779710d0c8a9a89f108a9e8d1 (diff) | |
fix the security vulnerability
We now have a notion of libraries that we load after app code, to prevent them from getting overridden. Should I just load all libraries after the app? There might be value in allowing apps to override library functions. Disallowing that too much may be going against Lua's dynamic nature.
Diffstat (limited to 'src/lua.c')
-rw-r--r-- | src/lua.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lua.c b/src/lua.c
index b853226..263d89c 100644
--- a/src/lua.c
+++ b/src/lua.c
@@ -213,6 +213,7 @@ static int pmain (lua_State *L) {
 globalL = L;
 if (argv[0] && argv[0][0]) progname = argv[0];
 lua_gc(L, LUA_GCSTOP, 0); /* stop collector during initialization */
+ /* Libraries that can be over-ridden */
 luaL_openlibs(L);
 status = dorequire(L, "src/lcurses/curses.lua", "curses");
 if (status != 0) return 0;
@@ -238,13 +239,14 @@ static int pmain (lua_State *L) {
 if (status != 0) return 0;
 status = dorequire(L, "src/task.lua", "task");
 if (status != 0) return 0;
- status = dorequire(L, "src/file.lua", "file");
- if (status != 0) return 0;
 lua_gc(L, LUA_GCRESTART, 0);
 s->status = handle_luainit(L);
 if (s->status != 0) return 0;
 s->status = load_image(L, argv, 1);
 if (s->status != 0) return 0;
+ /* Security-sensitive libraries that cannot be over-ridden */
+ status = dorequire(L, "src/file.lua", "file");
+ if (status != 0) return 0;
 /* call main() */
 lua_getglobal(L, "spawn_main");
 s->status = docall(L, 0, 1); |
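Review bot: Loading `src/file.lua` after `load_image()` in the second hunk only defeats overrides made while the image is being loaded; code reached from the `spawn_main` call a few lines below runs afterwards, and Lua lets it rebind the same globals at run time unless something outside this hunk prevents that. If the protection depends on these names staying bound to the file.lua definitions, load order alone may not be sufficient, so it is worth confirming that or holding the definitions somewhere app code cannot reassign. The new comment should also record the ordering constraint so a later refactor does not move the call back, for example `/* Must be loaded after load_image(): later definitions win, so the image cannot shadow these */`. Separately, a failure here returns 0 without setting `s->status`, unlike the `handle_luainit`/`load_image` lines around it; whether the failure is reported depends on `dorequire` and the caller, neither of which is visible. pmain's body begins and ends outside the hunk.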