1 files changed, 48 insertions, 15 deletions

diff --git a/src/wrapper.c b/src/wrapper.c
index 59b8fd5..7cb52e3 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -2,7 +2,7 @@
  *
  * Sandbox (for) Untrusted Procedure Partitioning (in) Lua Engine - Supple
  *
- * Wrapper for Lua interpreter to protect and isolate the sandbox code.
+ * Wrapper interpreter to protect and isolate the sandbox code.
  *
  * Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org>
  *
@@ -11,33 +11,66 @@
  */
 
 #include <lua.h>
+#include <lauxlib.h>
+#include <lualib.h>
+
 #include <unistd.h>
 #include <stdlib.h>
 #include <stdio.h>
 
-char * const sub_argv[] = {
-	LUA_INTERP_NAME,
-	"-lsupple",
-	"-esupple.sandbox.run()",
-	NULL
-};
+typedef struct {
+	int retcode;
+} prot_args;
+
+static int
+protected_main(lua_State *L)
+{
+	prot_args *parg = (prot_args *)lua_touserdata(L, 1);
+	
+	luaL_openlibs(L);
+	
+	lua_getglobal(L, "require");
+	lua_pushstring(L, "supple");
+	lua_call(L, 1, 1);
+	
+	lua_getfield(L, -1, "sandbox");
+	lua_getfield(L, -1, "run");
+	
+	lua_call(L, 0, 1);
+	
+	if (lua_isnumber(L, -1)) {
+		parg->retcode = lua_tonumber(L, -1);
+	}
+	
+	return 0;
+}
 
 int
 main(int argc, char **argv)
 {
+	prot_args parg;
+	lua_State *L;
+	int success;
+
 	/* Perform pre-lua-interpreter initialisation */
 #ifndef TESTING_SUPPLE
 	unsetenv(LUA_PATH);
 	unsetenv(LUA_CPATH);
+	unsetenv("SUPPLE_MKDTEMP");
 #endif
 	unsetenv(LUA_INIT);
-
-	/* Now go on to run:
-	 * /path/to/lua -lsupple -esupple.sandbox.run()
-	 */
-	if (execv(LUA_INTERP_PATH, sub_argv) == -1) {
-		perror("execv(" LUA_INTERP_PATH ")");
+	
+	L = luaL_newstate();
+	if (L == NULL) {
+		return EXIT_FAILURE;
 	}
-
-	return EXIT_FAILURE;
+	
+	parg.retcode = 0;
+	
+	success = lua_cpcall(L, &protected_main, &parg);
+	
+	lua_close(L);
+	
+	return ((success == 0) && (parg.retcode == 0)) ? EXIT_SUCCESS :
+		((success == 0) ? parg.retcode : EXIT_FAILURE);
 }