lua-stdlib 0.0.20

A Lua 5.4 interpreter implemented in safe Rust.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

//! Shared sandbox helpers: the canonical strict capability-strip list and a
//! global-stripping routine, used by both the CLI `--sandbox` flag and
//! `lua-rs-runtime`'s `SandboxConfig::strict()` so the dangerous-globals list
//! has a single source of truth.
//!
//! The instruction and memory budget itself is installed separately via
//! [`lua_vm::state::LuaState::install_sandbox_limits`]; capability stripping is
//! defense-in-depth on top of the host-hook gating.

use lua_types::value::LuaValue;
use lua_types::LuaError;

use crate::state_stub::LuaState;

/// Globals removed by the strict sandbox preset: the code-loading and
/// host-access surfaces. A `.`-separated entry nils a field of a sub-table
/// (e.g. `os.execute`); a bare name nils a top-level global.
pub const STRICT_REMOVED_GLOBALS: &[&[u8]] = &[
    b"dofile",
    b"loadfile",
    b"load",
    b"loadstring",
    b"require",
    b"package",
    b"io",
    b"debug",
    b"os.execute",
    b"os.exit",
    b"os.remove",
    b"os.rename",
    b"os.tmpname",
    b"os.getenv",
    b"os.setlocale",
];

/// Delete the named globals from `_G`. Each entry is either a bare global name
/// or a `head.tail` path naming a field of a sub-table.
pub fn strip_globals(state: &mut LuaState, names: &[&[u8]]) -> Result<(), LuaError> {
    let globals = match state.global().globals.clone() {
        LuaValue::Table(t) => t,
        _ => return Ok(()),
    };
    for name in names {
        match name.iter().position(|&b| b == b'.') {
            Some(dot) => {
                let head = &name[..dot];
                let tail = &name[dot + 1..];
                if let LuaValue::Table(sub) = globals.get_str_bytes(head) {
                    let key = LuaValue::Str(state.new_string(tail)?);
                    sub.raw_set(key, LuaValue::Nil);
                }
            }
            None => {
                let key = LuaValue::Str(state.new_string(name)?);
                globals.raw_set(key, LuaValue::Nil);
            }
        }
    }
    Ok(())
}