[lua] provide and use li_lua_new_protected_metatable to prevent tampering with metatables

Change-Id: Ifda5a1465c8fc291f0f09490a9f6e2c3f6b27504
2 years ago · 3bf903c398
parent 53337c81d4
commit 3bf903c398
20 changed files with 32 additions and 73 deletions
--- a/include/lighttpd/config_lua.h
+++ b/include/lighttpd/config_lua.h
@ -2,8 +2,7 @@
 #define _LIGHTTPD_CONFIG_LUA_H_

 #include <lighttpd/base.h>
-
-#include <lualib.h>
+#include <lua.h>

 LI_API gboolean li_config_lua_load(liLuaState *LL, liServer *srv, liWorker *wrk, const gchar *filename, liAction **pact, gboolean allow_setup, liValue *args);

--- a/include/lighttpd/core_lua.h
+++ b/include/lighttpd/core_lua.h
@ -3,6 +3,7 @@

 #include <lighttpd/base.h>
 #include <lua.h>
+#include <lauxlib.h>

 #define LI_LUA_REGISTRY_STATE   "lighttpd.state"
 #define LI_LUA_REGISTRY_SERVER  "lighttpd.server"
@ -16,6 +17,7 @@ INLINE void li_lua_unlock(liLuaState *LL);

 /* expect (meta)table at top of the stack */
 INLINE void li_lua_protect_metatable(lua_State *L);
+INLINE int li_lua_new_protected_metatable(lua_State *L, const char *tname);

 /* chunk_lua.c */
 LI_API void li_lua_init_chunk_mt(lua_State *L);
@ -146,4 +148,12 @@ INLINE void li_lua_protect_metatable(lua_State *L) {
 	lua_setfield(L, -2, "__metatable");
 }

+INLINE int li_lua_new_protected_metatable(lua_State *L, const char *tname) {
+	int r = luaL_newmetatable(L, tname);
+	if (r) {
+		li_lua_protect_metatable(L);
+	}
+	return r;
+}
+
 #endif
--- a/src/main/actions_lua.c
+++ b/src/main/actions_lua.c
@ -3,9 +3,6 @@
 #include <lighttpd/config_lua.h>
 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_ACTION "liAction*"

 static int lua_action_gc(lua_State *L) {
@ -30,7 +27,7 @@ static HEDLEY_NEVER_INLINE void init_action_mt(liServer *srv, lua_State *L) {
 }

 static void lua_push_action_metatable(liServer *srv, lua_State *L) {
-	if (luaL_newmetatable(L, LUA_ACTION)) {
+	if (li_lua_new_protected_metatable(L, LUA_ACTION)) {
 		init_action_mt(srv, L);
 	}
 }
--- a/src/main/base_lua.c
+++ b/src/main/base_lua.c
@ -4,7 +4,6 @@
 #ifdef HAVE_LUA_H
 # include <lighttpd/core_lua.h>
 # include <lualib.h>
-# include <lauxlib.h>
 #endif

 #ifdef HAVE_LUA_H
--- a/src/main/chunk_lua.c
+++ b/src/main/chunk_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #include <sys/stat.h>

 #define LUA_CHUNK "liChunk*"
@ -15,7 +12,7 @@ static HEDLEY_NEVER_INLINE void init_chunk_mt(lua_State *L) {
 }

 static void lua_push_chunk_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_CHUNK)) {
+	if (li_lua_new_protected_metatable(L, LUA_CHUNK)) {
 		init_chunk_mt(L);
 	}
 }
@ -271,7 +268,7 @@ static HEDLEY_NEVER_INLINE void init_chunkqueue_mt(lua_State *L) {
 }

 static void lua_push_chunkqueue_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_CHUNKQUEUE)) {
+	if (li_lua_new_protected_metatable(L, LUA_CHUNKQUEUE)) {
 		init_chunkqueue_mt(L);
 	}
 }
--- a/src/main/condition_lua.c
+++ b/src/main/condition_lua.c
@ -1,10 +1,8 @@

+#include <lighttpd/core_lua.h>
 #include <lighttpd/condition_lua.h>
 #include <lighttpd/value_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_CONDITION "liCondition*"
 #define LUA_COND_LVALUE "liConditionLValue*"
 #define LUA_COND_LVALUE_T "liCondLValue"
@ -118,7 +116,7 @@ static HEDLEY_NEVER_INLINE void init_condition_mt(liServer *srv, lua_State *L) {
 }

 static void lua_push_condition_metatable(liServer *srv, lua_State *L) {
-	if (luaL_newmetatable(L, LUA_CONDITION)) {
+	if (li_lua_new_protected_metatable(L, LUA_CONDITION)) {
 		init_condition_mt(srv, L);
 	}
 }
@ -223,7 +221,7 @@ static HEDLEY_NEVER_INLINE void init_cond_lvalue_mt(liServer *srv, lua_State *L)
 }

 static void lua_push_cond_lvalue_metatable(liServer *srv, lua_State *L) {
-	if (luaL_newmetatable(L, LUA_COND_LVALUE)) {
+	if (li_lua_new_protected_metatable(L, LUA_COND_LVALUE)) {
 		init_cond_lvalue_mt(srv, L);
 	}
 }
@ -264,7 +262,7 @@ static HEDLEY_NEVER_INLINE void init_cond_lvalue_t_mt(liServer *srv, lua_State *
 }

 static void lua_push_cond_lvalue_t_metatable(liServer *srv, lua_State *L) {
-	if (luaL_newmetatable(L, LUA_COND_LVALUE_T)) {
+	if (li_lua_new_protected_metatable(L, LUA_COND_LVALUE_T)) {
 		init_cond_lvalue_t_mt(srv, L);
 	}
 }
--- a/src/main/config_lua.c
+++ b/src/main/config_lua.c
@ -6,9 +6,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 typedef int (*LuaWrapper)(liServer *srv, liWorker *wrk, lua_State *L, const char *key);

 static liValue* lua_params_to_value(liServer *srv, lua_State *L) {
--- a/src/main/core_lua.c
+++ b/src/main/core_lua.c
@ -4,9 +4,6 @@
 #include <lighttpd/condition_lua.h>
 #include <lighttpd/value_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 liLuaState *li_lua_state_get(lua_State *L) {
 	liLuaState *LL;

--- a/src/main/environment_lua.c
+++ b/src/main/environment_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_ENVIRONMENT "liEnvironment*"

 static int lua_environment_get(lua_State *L) {
@ -118,7 +115,7 @@ static HEDLEY_NEVER_INLINE void init_env_mt(lua_State *L) {
 }

 static void lua_push_environment_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_ENVIRONMENT)) {
+	if (li_lua_new_protected_metatable(L, LUA_ENVIRONMENT)) {
 		init_env_mt(L);
 	}
 }
--- a/src/main/filters_lua.c
+++ b/src/main/filters_lua.c
@ -3,9 +3,6 @@
 #include <lighttpd/core_lua.h>
 #include <lighttpd/actions_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_FILTER "liFilter*"

 typedef int (*lua_Filter_Attrib)(liFilter *f, lua_State *L);
@ -116,7 +113,7 @@ static HEDLEY_NEVER_INLINE void init_filter_mt(lua_State *L) {
 }

 static void lua_push_filter_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_FILTER)) {
+	if (li_lua_new_protected_metatable(L, LUA_FILTER)) {
 		init_filter_mt(L);
 	}
 }
--- a/src/main/http_headers_lua.c
+++ b/src/main/http_headers_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_HTTPHEADERS "liHttpHeaders*"

 static int lua_http_headers_get(lua_State *L) {
@ -206,7 +203,7 @@ static HEDLEY_NEVER_INLINE void init_http_headers_mt(lua_State *L) {
 }

 static void lua_push_http_headers_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_HTTPHEADERS)) {
+	if (li_lua_new_protected_metatable(L, LUA_HTTPHEADERS)) {
 		init_http_headers_mt(L);
 	}
 }
--- a/src/main/physical_lua.c
+++ b/src/main/physical_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_PHYSICAL "liPhysical*"

 typedef int (*lua_Physical_Attrib)(liPhysical *phys, lua_State *L);
@ -132,7 +129,7 @@ static HEDLEY_NEVER_INLINE void init_physical_mt(lua_State *L) {
 }

 static void lua_push_physical_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_PHYSICAL)) {
+	if (li_lua_new_protected_metatable(L, LUA_PHYSICAL)) {
 		init_physical_mt(L);
 	}
 }
--- a/src/main/request_lua.c
+++ b/src/main/request_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_REQUEST "liRequest*"
 #define LUA_REQUESTURI "liRequestUri*"

@ -148,7 +145,7 @@ static HEDLEY_NEVER_INLINE void init_request_mt(lua_State *L) {
 }

 static void lua_push_request_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_REQUEST)) {
+	if (li_lua_new_protected_metatable(L, LUA_REQUEST)) {
 		init_request_mt(L);
 	}
 }
@ -289,7 +286,7 @@ static HEDLEY_NEVER_INLINE void init_requesturi_mt(lua_State *L) {
 }

 static void lua_push_requesturi_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_REQUESTURI)) {
+	if (li_lua_new_protected_metatable(L, LUA_REQUESTURI)) {
 		init_requesturi_mt(L);
 	}
 }
--- a/src/main/response_lua.c
+++ b/src/main/response_lua.c
@ -1,9 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_RESPONSE "liResponse*"

 typedef int (*lua_Response_Attrib)(liResponse *resp, lua_State *L);
@ -127,7 +124,7 @@ static HEDLEY_NEVER_INLINE void init_response_mt(lua_State *L) {
 }

 static void lua_push_response_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_RESPONSE)) {
+	if (li_lua_new_protected_metatable(L, LUA_RESPONSE)) {
 		init_response_mt(L);
 	}
 }
--- a/src/main/stat_lua.c
+++ b/src/main/stat_lua.c
@ -1,10 +1,6 @@

 #include <lighttpd/core_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
-
 /* struct stat */
 #define LUA_STAT "struct stat"

@ -211,7 +207,7 @@ static HEDLEY_NEVER_INLINE void init_stat_mt(lua_State *L) {
 }

 static void lua_push_stat_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_STAT)) {
+	if (li_lua_new_protected_metatable(L, LUA_STAT)) {
 		init_stat_mt(L);
 	}
 }
--- a/src/main/subrequest_lua.c
+++ b/src/main/subrequest_lua.c
@ -2,9 +2,6 @@
 #include <lighttpd/core_lua.h>
 #include <lighttpd/actions_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 typedef struct liSubrequest liSubrequest;
 struct liSubrequest {
 	liWorker *wrk;
@ -161,7 +158,7 @@ static HEDLEY_NEVER_INLINE void init_subrequest_mt(lua_State *L) {
 }

 static void lua_push_subrequest_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_SUBREQUEST)) {
+	if (li_lua_new_protected_metatable(L, LUA_SUBREQUEST)) {
 		init_subrequest_mt(L);
 	}
 }
--- a/src/main/value_lua.c
+++ b/src/main/value_lua.c
@ -4,8 +4,6 @@
 #include <lighttpd/actions_lua.h>
 #include <lighttpd/core_lua.h>

-#include <lauxlib.h>
-
 #define LUA_KVLIST_VALUE "li KeyValue list (string, liValue*)"

 static int lua_kvlist_index(lua_State *L) {
@ -63,7 +61,7 @@ static HEDLEY_NEVER_INLINE void init_kvlist_mt(lua_State *L) {
 }

 static void lua_push_kvlist_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_KVLIST_VALUE)) {
+	if (li_lua_new_protected_metatable(L, LUA_KVLIST_VALUE)) {
 		init_kvlist_mt(L);
 	}
 }
--- a/src/main/virtualrequest_lua.c
+++ b/src/main/virtualrequest_lua.c
@ -2,9 +2,6 @@
 #include <lighttpd/core_lua.h>
 #include <lighttpd/actions_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #define LUA_VREQUEST "liVRequest*"

 typedef int (*lua_VRequest_Attrib)(liVRequest *vr, lua_State *L);
@ -345,7 +342,7 @@ static HEDLEY_NEVER_INLINE void init_vrequest_mt(lua_State *L) {
 }

 static void lua_push_vrequest_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_VREQUEST)) {
+	if (li_lua_new_protected_metatable(L, LUA_VREQUEST)) {
 		init_vrequest_mt(L);
 	}
 }
@ -493,7 +490,7 @@ static HEDLEY_NEVER_INLINE void init_coninfo_mt(lua_State *L) {
 }

 static void lua_push_coninfo_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_CONINFO)) {
+	if (li_lua_new_protected_metatable(L, LUA_CONINFO)) {
 		init_coninfo_mt(L);
 	}
 }
--- a/src/modules/mod_lua.c
+++ b/src/modules/mod_lua.c
@ -18,9 +18,6 @@
 #include <lighttpd/value_lua.h>
 #include <lighttpd/actions_lua.h>

-#include <lualib.h>
-#include <lauxlib.h>
-
 #ifndef DEFAULT_LUADIR
 #define DEFAULT_LUADIR "/usr/local/share/lighttpd2/lua"
 #endif
--- a/src/modules/mod_memcached.c
+++ b/src/modules/mod_memcached.c
@ -16,8 +16,6 @@

 #ifdef HAVE_LUA_H
 # include <lighttpd/core_lua.h>
-# include <lualib.h>
-# include <lauxlib.h>
 #endif

 LI_API gboolean mod_memcached_init(liModules *mods, liModule *mod);
@ -920,7 +918,7 @@ static HEDLEY_NEVER_INLINE void init_mc_con_mt(lua_State *L) {
 }

 static void lua_push_mc_con_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_MEMCACHEDCON)) {
+	if (li_lua_new_protected_metatable(L, LUA_MEMCACHEDCON)) {
 		init_mc_con_mt(L);
 	}
 }
@ -997,7 +995,7 @@ static HEDLEY_NEVER_INLINE void init_mc_req_mt(lua_State *L) {
 }

 static void lua_push_mc_req_metatable(lua_State *L) {
-	if (luaL_newmetatable(L, LUA_MEMCACHEDREQUEST)) {
+	if (li_lua_new_protected_metatable(L, LUA_MEMCACHEDREQUEST)) {
 		init_mc_req_mt(L);
 	}
 }