#endif
}
-void scriptingProtectGlobals(lua_State *lua) {
- char *s[26];
+/* Remove a functions that we don't want to expose to the Redis scripting
+ * environment. */
+void luaRemoveUnsupportedFunctions(lua_State *lua) {
+ lua_pushnil(lua);
+ lua_setglobal(lua,"loadfile");
+}
+
+/* This function installs metamethods in the global table _G that prevent
+ * the creation of globals accidentally.
+ *
+ * It should be the last to be called in the scripting engine initialization
+ * sequence, because it may interact with creation of globals. */
+void scriptingEnableGlobalsProtection(lua_State *lua) {
+ char *s[32];
sds code = sdsempty();
- int j;
+ int j = 0;
- /* strict.lua from: http://metalua.luaforge.net/src/lib/strict.lua.html */
- s[0]="local mt = getmetatable(_G)\n";
- s[1]="if mt == nil then\n";
- s[2]=" mt = {}\n";
- s[3]=" setmetatable(_G, mt)\n";
- s[4]="end\n";
- s[5]="__STRICT = true\n";
- s[6]="mt.__declared = {}\n";
- s[7]="mt.__newindex = function (t, n, v)\n";
- s[8]=" if __STRICT and not mt.__declared[n] and debug.getinfo(2) then\n";
- s[9]=" local w = debug.getinfo(2, \"S\").what\n";
- s[10]=" if w ~= \"main\" and w ~= \"C\" then\n";
- s[11]=" error(\"assign to undeclared global var '\"..n..\"'\", 2)\n";
- s[12]=" end\n";
- s[13]=" mt.__declared[n] = true\n";
- s[14]=" end\n";
- s[15]=" rawset(t, n, v)\n";
- s[16]="end\n";
- s[17]="mt.__index = function (t, n)\n";
- s[18]=" if debug.getinfo(2) and not mt.__declared[n] and debug.getinfo(2, \"S\").what ~= \"C\" then\n";
- s[19]=" error(\"global var '\"..n..\"' is not declared\", 2)\n";
- s[20]=" end\n";
- s[21]=" return rawget(t, n)\n";
- s[22]="end\n";
- s[23]="function global(...)\n";
- s[24]=" for _, v in ipairs{...} do mt.__declared[v] = true end\n";
- s[25]="end\n";
-
- for (j = 0; j < 26; j++) code = sdscatlen(code,s[j],strlen(s[j]));
- luaL_loadbuffer(lua,code,sdslen(code),"strict_lua");
+ /* strict.lua from: http://metalua.luaforge.net/src/lib/strict.lua.html.
+ * Modified to be adapted to Redis. */
+ s[j++]="local mt = {}\n";
+ s[j++]="setmetatable(_G, mt)\n";
+ s[j++]="mt.__newindex = function (t, n, v)\n";
+ s[j++]=" if debug.getinfo(2) then\n";
+ s[j++]=" local w = debug.getinfo(2, \"S\").what\n";
+ s[j++]=" if w ~= \"main\" and w ~= \"C\" then\n";
+ s[j++]=" error(\"Script attempted to create global variable '\"..tostring(n)..\"'\", 2)\n";
+ s[j++]=" end\n";
+ s[j++]=" end\n";
+ s[j++]=" rawset(t, n, v)\n";
+ s[j++]="end\n";
+ s[j++]="mt.__index = function (t, n)\n";
+ s[j++]=" if debug.getinfo(2) and debug.getinfo(2, \"S\").what ~= \"C\" then\n";
+ s[j++]=" error(\"Script attempted to access unexisting global variable '\"..tostring(n)..\"'\", 2)\n";
+ s[j++]=" end\n";
+ s[j++]=" return rawget(t, n)\n";
+ s[j++]="end\n";
+ s[j++]=NULL;
+
+ for (j = 0; s[j] != NULL; j++) code = sdscatlen(code,s[j],strlen(s[j]));
+ luaL_loadbuffer(lua,code,sdslen(code),"@enable_strict_lua");
lua_pcall(lua,0,0,0);
sdsfree(code);
}
* See scriptingReset() for more information. */
void scriptingInit(void) {
lua_State *lua = lua_open();
+
luaLoadLibraries(lua);
+ luaRemoveUnsupportedFunctions(lua);
/* Initialize a dictionary we use to map SHAs to scripts.
* This is useful for replication, as we need to replicate EVALSHA
" if b == false then b = '' end\n"
" return a<b\n"
"end\n";
- luaL_loadbuffer(lua,compare_func,strlen(compare_func),"cmp_func_def");
+ luaL_loadbuffer(lua,compare_func,strlen(compare_func),"@cmp_func_def");
lua_pcall(lua,0,0,0);
}
/* Lua beginners ofter don't use "local", this is likely to introduce
* subtle bugs in their code. To prevent problems we protect accesses
* to global variables. */
- scriptingProtectGlobals(lua);
+ scriptingEnableGlobalsProtection(lua);
server.lua = lua;
}
funcdef = sdscatlen(funcdef,body->ptr,sdslen(body->ptr));
funcdef = sdscatlen(funcdef," end",4);
- if (luaL_loadbuffer(lua,funcdef,sdslen(funcdef),"func definition")) {
+ if (luaL_loadbuffer(lua,funcdef,sdslen(funcdef),"@user_script")) {
addReplyErrorFormat(c,"Error compiling script (new function): %s\n",
lua_tostring(lua,-1));
lua_pop(lua,1);
lua_State *lua = server.lua;
char funcname[43];
long long numkeys;
+ int delhook = 0;
/* We want the same PRNG sequence at every call so that our PRNG is
* not affected by external state. */
* is running for too much time.
* We set the hook only if the time limit is enabled as the hook will
* make the Lua script execution slower. */
+ server.lua_caller = c;
+ server.lua_time_start = ustime()/1000;
+ server.lua_kill = 0;
if (server.lua_time_limit > 0 && server.masterhost == NULL) {
lua_sethook(lua,luaMaskCountHook,LUA_MASKCOUNT,100000);
- } else {
- lua_sethook(lua,luaMaskCountHook,0,0);
+ delhook = 1;
}
/* At this point whatever this script was never seen before or if it was
* already defined, we can call it. We have zero arguments and expect
* a single return value. */
- server.lua_caller = c;
- server.lua_time_start = ustime()/1000;
- server.lua_kill = 0;
if (lua_pcall(lua,0,1,0)) {
+ if (delhook) lua_sethook(lua,luaMaskCountHook,0,0); /* Disable hook */
if (server.lua_timedout) {
server.lua_timedout = 0;
/* Restore the readable handler that was unregistered when the
lua_gc(lua,LUA_GCCOLLECT,0);
return;
}
+ if (delhook) lua_sethook(lua,luaMaskCountHook,0,0); /* Disable hook */
server.lua_timedout = 0;
server.lua_caller = NULL;
selectDb(c,server.lua_client->db->id); /* set DB ID from Lua client */