9ec94aa982
Teliva's model doesn't include any way to change directory. We just have relative paths and absolute paths. Relative paths should not be able to reach into parent directories. The current test is a bit hacky; it also disallows directories ending in a period. Hopefully not an issue.
436 lines
11 KiB
C
436 lines
11 KiB
C
/*
|
|
** $Id: liolib.c,v 2.73.1.4 2010/05/14 15:33:51 roberto Exp $
|
|
** Standard I/O (and system) library
|
|
** See Copyright Notice in lua.h
|
|
*/
|
|
|
|
|
|
#include <errno.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <ncurses.h>
|
|
|
|
#define liolib_c
|
|
#define LUA_LIB
|
|
|
|
#include "lua.h"
|
|
#include "lauxlib.h"
|
|
#include "lualib.h"
|
|
#include "teliva.h"
|
|
|
|
|
|
|
|
static int pushresult (lua_State *L, int i, const char *filename) {
|
|
int en = errno; /* calls to Lua API may change this value */
|
|
if (i) {
|
|
lua_pushboolean(L, 1);
|
|
return 1;
|
|
}
|
|
else {
|
|
lua_pushnil(L);
|
|
if (filename)
|
|
lua_pushfstring(L, "%s: %s", filename, strerror(en));
|
|
else
|
|
lua_pushfstring(L, "%s", strerror(en));
|
|
lua_pushinteger(L, en);
|
|
return 3;
|
|
}
|
|
}
|
|
|
|
|
|
#define tofilep(L) ((FILE **)luaL_checkudata(L, 1, LUA_FILEHANDLE))
|
|
|
|
|
|
static int io_type (lua_State *L) {
|
|
void *ud;
|
|
luaL_checkany(L, 1);
|
|
ud = lua_touserdata(L, 1);
|
|
lua_getfield(L, LUA_REGISTRYINDEX, LUA_FILEHANDLE);
|
|
if (ud == NULL || !lua_getmetatable(L, 1) || !lua_rawequal(L, -2, -1))
|
|
lua_pushnil(L); /* not a file */
|
|
else if (*((FILE **)ud) == NULL)
|
|
lua_pushliteral(L, "closed file");
|
|
else
|
|
lua_pushliteral(L, "file");
|
|
return 1;
|
|
}
|
|
|
|
|
|
static FILE *tofile (lua_State *L) {
|
|
FILE **f = tofilep(L);
|
|
if (*f == NULL)
|
|
luaL_error(L, "attempt to use a closed file");
|
|
return *f;
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
** When creating file handles, always creates a `closed' file handle
|
|
** before opening the actual file; so, if there is a memory error, the
|
|
** file is not left opened.
|
|
*/
|
|
static FILE **newfile (lua_State *L) {
|
|
FILE **pf = (FILE **)lua_newuserdata(L, sizeof(FILE *));
|
|
*pf = NULL; /* file handle is currently `closed' */
|
|
luaL_getmetatable(L, LUA_FILEHANDLE);
|
|
lua_setmetatable(L, -2);
|
|
return pf;
|
|
}
|
|
|
|
|
|
/*
|
|
** function to close regular files
|
|
*/
|
|
static int io_fclose (lua_State *L) {
|
|
FILE **p = tofilep(L);
|
|
int ok = (fclose(*p) == 0);
|
|
*p = NULL;
|
|
return pushresult(L, ok, NULL);
|
|
}
|
|
|
|
|
|
static int aux_close (lua_State *L) {
|
|
lua_getfenv(L, 1);
|
|
lua_getfield(L, -1, "__close");
|
|
return (lua_tocfunction(L, -1))(L);
|
|
}
|
|
|
|
|
|
static int io_close (lua_State *L) {
|
|
tofile(L); /* make sure argument is a file */
|
|
return aux_close(L);
|
|
}
|
|
|
|
|
|
static int io_gc (lua_State *L) {
|
|
FILE *f = *tofilep(L);
|
|
/* ignore closed files */
|
|
if (f != NULL)
|
|
aux_close(L);
|
|
return 0;
|
|
}
|
|
|
|
|
|
static int io_tostring (lua_State *L) {
|
|
FILE *f = *tofilep(L);
|
|
if (f == NULL)
|
|
lua_pushliteral(L, "file (closed)");
|
|
else
|
|
lua_pushfstring(L, "file (%p)", f);
|
|
return 1;
|
|
}
|
|
|
|
|
|
static char iolib_errbuf[1024] = {0};
|
|
static int io_open (lua_State *L) {
|
|
const char *filename = luaL_checkstring(L, 1);
|
|
const char *mode = luaL_optstring(L, 2, "r");
|
|
static char buffer[1024] = {0};
|
|
memset(buffer, '\0', 1024);
|
|
snprintf(buffer, 1020, "io.open(\"%s\", \"%s\")", filename, mode);
|
|
append_to_audit_log(L, buffer);
|
|
FILE **pf = newfile(L);
|
|
/* filenames starting with teliva_tmp_ are always ok */
|
|
if (starts_with(filename, "teliva_tmp_")) {
|
|
*pf = fopen(filename, mode);
|
|
}
|
|
/* other filenames starting with teliva_ are never ok (reserved for the
|
|
* framework, should not be accessed by apps directly */
|
|
else if (starts_with(filename, "teliva_")) {
|
|
snprintf(iolib_errbuf, 1024, "app tried to open file '%s'; relative paths are never allowed", filename);
|
|
Previous_message = iolib_errbuf;
|
|
}
|
|
else if (contains(filename, "./")) {
|
|
snprintf(iolib_errbuf, 1024, "app tried to open file '%s'; relative paths are never allowed", filename);
|
|
Previous_message = iolib_errbuf;
|
|
}
|
|
else if (file_operation_permitted(filename, mode)) {
|
|
*pf = fopen(filename, mode);
|
|
}
|
|
else {
|
|
snprintf(iolib_errbuf, 1024, "app tried to open file '%s'; adjust its permissions (ctrl-p) if that is expected", filename);
|
|
Previous_message = iolib_errbuf;
|
|
}
|
|
return (*pf == NULL) ? pushresult(L, 0, filename) : 1;
|
|
}
|
|
|
|
|
|
static int io_tmpfile (lua_State *L) {
|
|
FILE **pf = newfile(L);
|
|
*pf = tmpfile();
|
|
return (*pf == NULL) ? pushresult(L, 0, NULL) : 1;
|
|
}
|
|
|
|
|
|
static int io_readline (lua_State *L);
|
|
|
|
|
|
static void aux_lines (lua_State *L, int idx, int toclose) {
|
|
lua_pushvalue(L, idx);
|
|
lua_pushboolean(L, toclose); /* close/not close file when finished */
|
|
lua_pushcclosure(L, io_readline, 2);
|
|
}
|
|
|
|
|
|
static int f_lines (lua_State *L) {
|
|
tofile(L); /* check that it's a valid file handle */
|
|
aux_lines(L, 1, 0);
|
|
return 1;
|
|
}
|
|
|
|
|
|
/*
|
|
** {======================================================
|
|
** READ
|
|
** =======================================================
|
|
*/
|
|
|
|
|
|
static int read_number (lua_State *L, FILE *f) {
|
|
lua_Number d;
|
|
if (fscanf(f, LUA_NUMBER_SCAN, &d) == 1) {
|
|
lua_pushnumber(L, d);
|
|
return 1;
|
|
}
|
|
else {
|
|
lua_pushnil(L); /* "result" to be removed */
|
|
return 0; /* read fails */
|
|
}
|
|
}
|
|
|
|
|
|
static int test_eof (lua_State *L, FILE *f) {
|
|
int c = getc(f);
|
|
ungetc(c, f);
|
|
lua_pushlstring(L, NULL, 0);
|
|
return (c != EOF);
|
|
}
|
|
|
|
|
|
static int read_line (lua_State *L, FILE *f) {
|
|
luaL_Buffer b;
|
|
luaL_buffinit(L, &b);
|
|
for (;;) {
|
|
size_t l;
|
|
char *p = luaL_prepbuffer(&b);
|
|
if (fgets(p, LUAL_BUFFERSIZE, f) == NULL) { /* eof? */
|
|
luaL_pushresult(&b); /* close buffer */
|
|
return (lua_objlen(L, -1) > 0); /* check whether read something */
|
|
}
|
|
l = strlen(p);
|
|
if (l == 0 || p[l-1] != '\n')
|
|
luaL_addsize(&b, l);
|
|
else {
|
|
luaL_addsize(&b, l - 1); /* do not include `eol' */
|
|
luaL_pushresult(&b); /* close buffer */
|
|
return 1; /* read at least an `eol' */
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
static int read_chars (lua_State *L, FILE *f, size_t n) {
|
|
size_t rlen; /* how much to read */
|
|
size_t nr; /* number of chars actually read */
|
|
luaL_Buffer b;
|
|
luaL_buffinit(L, &b);
|
|
rlen = LUAL_BUFFERSIZE; /* try to read that much each time */
|
|
do {
|
|
char *p = luaL_prepbuffer(&b);
|
|
if (rlen > n) rlen = n; /* cannot read more than asked */
|
|
nr = fread(p, sizeof(char), rlen, f);
|
|
luaL_addsize(&b, nr);
|
|
n -= nr; /* still have to read `n' chars */
|
|
} while (n > 0 && nr == rlen); /* until end of count or eof */
|
|
luaL_pushresult(&b); /* close buffer */
|
|
return (n == 0 || lua_objlen(L, -1) > 0);
|
|
}
|
|
|
|
|
|
static int g_read (lua_State *L, FILE *f, int first) {
|
|
int nargs = lua_gettop(L) - 1;
|
|
int success;
|
|
int n;
|
|
clearerr(f);
|
|
if (nargs == 0) { /* no arguments? */
|
|
success = read_line(L, f);
|
|
n = first+1; /* to return 1 result */
|
|
}
|
|
else { /* ensure stack space for all results and for auxlib's buffer */
|
|
luaL_checkstack(L, nargs+LUA_MINSTACK, "too many arguments");
|
|
success = 1;
|
|
for (n = first; nargs-- && success; n++) {
|
|
if (lua_type(L, n) == LUA_TNUMBER) {
|
|
size_t l = (size_t)lua_tointeger(L, n);
|
|
success = (l == 0) ? test_eof(L, f) : read_chars(L, f, l);
|
|
}
|
|
else {
|
|
const char *p = lua_tostring(L, n);
|
|
luaL_argcheck(L, p && p[0] == '*', n, "invalid option");
|
|
switch (p[1]) {
|
|
case 'n': /* number */
|
|
success = read_number(L, f);
|
|
break;
|
|
case 'l': /* line */
|
|
success = read_line(L, f);
|
|
break;
|
|
case 'a': /* file */
|
|
read_chars(L, f, ~((size_t)0)); /* read MAX_SIZE_T chars */
|
|
success = 1; /* always success */
|
|
break;
|
|
default:
|
|
return luaL_argerror(L, n, "invalid format");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if (ferror(f))
|
|
return pushresult(L, 0, NULL);
|
|
if (!success) {
|
|
lua_pop(L, 1); /* remove last result */
|
|
lua_pushnil(L); /* push nil instead */
|
|
}
|
|
return n - first;
|
|
}
|
|
|
|
|
|
static int f_read (lua_State *L) {
|
|
return g_read(L, tofile(L), 2);
|
|
}
|
|
|
|
|
|
static int io_readline (lua_State *L) {
|
|
FILE *f = *(FILE **)lua_touserdata(L, lua_upvalueindex(1));
|
|
int sucess;
|
|
if (f == NULL) /* file is already closed? */
|
|
luaL_error(L, "file is already closed");
|
|
sucess = read_line(L, f);
|
|
if (ferror(f))
|
|
return luaL_error(L, "%s", strerror(errno));
|
|
if (sucess) return 1;
|
|
else { /* EOF */
|
|
if (lua_toboolean(L, lua_upvalueindex(2))) { /* generator created file? */
|
|
lua_settop(L, 0);
|
|
lua_pushvalue(L, lua_upvalueindex(1));
|
|
aux_close(L); /* close it */
|
|
}
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
/* }====================================================== */
|
|
|
|
|
|
static int g_write (lua_State *L, FILE *f, int arg) {
|
|
int nargs = lua_gettop(L) - 1;
|
|
int status = 1;
|
|
for (; nargs--; arg++) {
|
|
if (lua_type(L, arg) == LUA_TNUMBER) {
|
|
/* optimization: could be done exactly as for strings */
|
|
status = status &&
|
|
fprintf(f, LUA_NUMBER_FMT, lua_tonumber(L, arg)) > 0;
|
|
}
|
|
else {
|
|
size_t l;
|
|
const char *s = luaL_checklstring(L, arg, &l);
|
|
status = status && (fwrite(s, sizeof(char), l, f) == l);
|
|
}
|
|
}
|
|
return pushresult(L, status, NULL);
|
|
}
|
|
|
|
|
|
static int f_write (lua_State *L) {
|
|
return g_write(L, tofile(L), 2);
|
|
}
|
|
|
|
|
|
static int f_seek (lua_State *L) {
|
|
static const int mode[] = {SEEK_SET, SEEK_CUR, SEEK_END};
|
|
static const char *const modenames[] = {"set", "cur", "end", NULL};
|
|
FILE *f = tofile(L);
|
|
int op = luaL_checkoption(L, 2, "cur", modenames);
|
|
long offset = luaL_optlong(L, 3, 0);
|
|
op = fseek(f, offset, mode[op]);
|
|
if (op)
|
|
return pushresult(L, 0, NULL); /* error */
|
|
else {
|
|
lua_pushinteger(L, ftell(f));
|
|
return 1;
|
|
}
|
|
}
|
|
|
|
|
|
static int f_setvbuf (lua_State *L) {
|
|
static const int mode[] = {_IONBF, _IOFBF, _IOLBF};
|
|
static const char *const modenames[] = {"no", "full", "line", NULL};
|
|
FILE *f = tofile(L);
|
|
int op = luaL_checkoption(L, 2, NULL, modenames);
|
|
lua_Integer sz = luaL_optinteger(L, 3, LUAL_BUFFERSIZE);
|
|
int res = setvbuf(f, NULL, mode[op], sz);
|
|
return pushresult(L, res == 0, NULL);
|
|
}
|
|
|
|
|
|
static int f_flush (lua_State *L) {
|
|
return pushresult(L, fflush(tofile(L)) == 0, NULL);
|
|
}
|
|
|
|
|
|
static const luaL_Reg iolib[] = {
|
|
{"close", io_close},
|
|
/* no 'flush' since Teliva is ncurses-based */
|
|
/* no 'input' since Teliva is ncurses-based */
|
|
/* no 'io.lines'; it can confusingly fail without showing sandboxing errors */
|
|
{"open", io_open},
|
|
/* no 'output' since Teliva is ncurses-based */
|
|
/* no 'popen' without sandboxing it */
|
|
/* no 'read' since Teliva is ncurses-based */
|
|
{"tmpfile", io_tmpfile},
|
|
{"type", io_type},
|
|
/* no 'write' since Teliva is ncurses-based */
|
|
{NULL, NULL}
|
|
};
|
|
|
|
|
|
static const luaL_Reg flib[] = {
|
|
{"close", io_close},
|
|
{"flush", f_flush},
|
|
{"lines", f_lines},
|
|
{"read", f_read},
|
|
{"seek", f_seek},
|
|
{"setvbuf", f_setvbuf},
|
|
{"write", f_write},
|
|
{"__gc", io_gc},
|
|
{"__tostring", io_tostring},
|
|
{NULL, NULL}
|
|
};
|
|
|
|
|
|
static void createmeta (lua_State *L) {
|
|
luaL_newmetatable(L, LUA_FILEHANDLE); /* create metatable for file handles */
|
|
lua_pushvalue(L, -1); /* push metatable */
|
|
lua_setfield(L, -2, "__index"); /* metatable.__index = metatable */
|
|
luaL_register(L, NULL, flib); /* file methods */
|
|
}
|
|
|
|
|
|
static void newfenv (lua_State *L, lua_CFunction cls) {
|
|
lua_createtable(L, 0, 1);
|
|
lua_pushcfunction(L, cls);
|
|
lua_setfield(L, -2, "__close");
|
|
}
|
|
|
|
|
|
LUALIB_API int luaopen_io (lua_State *L) {
|
|
createmeta(L);
|
|
newfenv(L, io_fclose);
|
|
lua_replace(L, LUA_ENVIRONINDEX);
|
|
/* open library */
|
|
luaL_register(L, LUA_IOLIBNAME, iolib);
|
|
return 1;
|
|
}
|
|
|