Return binary chunks support in safe mode.
Lua has many ways to load binary bytecode and this restriction was easy to bypass.
This commit is contained in:
parent
32124b31a0
commit
1e61d1dadc
15
src/lua.rs
15
src/lua.rs
|
@ -1135,11 +1135,7 @@ impl Lua {
|
|||
/// similar on the returned builder. Code is not even parsed until one of these methods is
|
||||
/// called.
|
||||
///
|
||||
/// If this `Lua` was created with [`unsafe_new`], `load` will automatically detect and load
|
||||
/// chunks of either text or binary type, as if passing `bt` mode to `luaL_loadbufferx`.
|
||||
///
|
||||
/// [`Chunk::exec`]: crate::Chunk::exec
|
||||
/// [`unsafe_new`]: #method.unsafe_new
|
||||
#[track_caller]
|
||||
pub fn load<'lua, 'a, S>(&'lua self, source: &'a S) -> Chunk<'lua, 'a>
|
||||
where
|
||||
|
@ -1171,19 +1167,8 @@ impl Lua {
|
|||
check_stack(self.state, 1)?;
|
||||
|
||||
let mode_str = match mode {
|
||||
Some(ChunkMode::Binary) if self.safe => {
|
||||
return Err(Error::SafetyError(
|
||||
"binary chunks are disabled in safe mode".to_string(),
|
||||
))
|
||||
}
|
||||
Some(ChunkMode::Binary) => cstr!("b"),
|
||||
Some(ChunkMode::Text) => cstr!("t"),
|
||||
#[cfg(not(feature = "luau"))]
|
||||
None if source.starts_with(ffi::LUA_SIGNATURE) && self.safe => {
|
||||
return Err(Error::SafetyError(
|
||||
"binary chunks are disabled in safe mode".to_string(),
|
||||
))
|
||||
}
|
||||
None => cstr!("bt"),
|
||||
};
|
||||
|
||||
|
|
|
@ -47,23 +47,6 @@ fn test_safety() -> Result<()> {
|
|||
Err(e) => panic!("expected RuntimeError, got {:?}", e),
|
||||
Ok(_) => panic!("expected RuntimeError, got no error"),
|
||||
}
|
||||
|
||||
match lua.load("1 + 1").set_mode(ChunkMode::Binary).exec() {
|
||||
Err(Error::SafetyError(msg)) => {
|
||||
assert!(msg.contains("binary chunks are disabled in safe mode"))
|
||||
}
|
||||
Err(e) => panic!("expected SafetyError, got {:?}", e),
|
||||
Ok(_) => panic!("expected SafetyError, got no error"),
|
||||
}
|
||||
|
||||
let bytecode = lua.load("return 1 + 1").into_function()?.dump(true);
|
||||
match lua.load(&bytecode).exec() {
|
||||
Err(Error::SafetyError(msg)) => {
|
||||
assert!(msg.contains("binary chunks are disabled in safe mode"))
|
||||
}
|
||||
Err(e) => panic!("expected SafetyError, got {:?}", e),
|
||||
Ok(_) => panic!("expected SafetyError, got no error"),
|
||||
}
|
||||
drop(lua);
|
||||
|
||||
// Test safety rules after dynamically loading `package` library
|
||||
|
|
Loading…
Reference in New Issue