Diffstat (limited to 'src/wrapper.c')
-rw-r--r-- | src/wrapper.c | 63 |
1 files changed, 48 insertions, 15 deletions
diff --git a/src/wrapper.c b/src/wrapper.c
index 59b8fd5..7cb52e3 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -2,7 +2,7 @@
 *
 * Sandbox (for) Untrusted Procedure Partitioning (in) Lua Engine - Supple
 *
- * Wrapper for Lua interpreter to protect and isolate the sandbox code.
+ * Wrapper interpreter to protect and isolate the sandbox code.
 *
 * Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org>
 *
@@ -11,33 +11,66 @@
 */
 #include <lua.h>
+#include <lauxlib.h>
+#include <lualib.h>
+
 #include <unistd.h>
 #include <stdlib.h>
 #include <stdio.h>
-char * const sub_argv[] = {
- LUA_INTERP_NAME,
- "-lsupple",
- "-esupple.sandbox.run()",
- NULL
-};
+typedef struct {
+ int retcode;
+} prot_args;
+
+static int
+protected_main(lua_State *L)
+{
+ prot_args *parg = (prot_args *)lua_touserdata(L, 1);
+
+ luaL_openlibs(L);
+
+ lua_getglobal(L, "require");
+ lua_pushstring(L, "supple");
+ lua_call(L, 1, 1);
+
+ lua_getfield(L, -1, "sandbox");
+ lua_getfield(L, -1, "run");
+
+ lua_call(L, 0, 1);
+
+ if (lua_isnumber(L, -1)) {
+ parg->retcode = lua_tonumber(L, -1);
+ }
+
+ return 0;
+}
 int
 main(int argc, char **argv)
 {
+ prot_args parg;
+ lua_State *L;
+ int success;
+
 /* Perform pre-lua-interpreter initialisation */
 #ifndef TESTING_SUPPLE
 unsetenv(LUA_PATH);
 unsetenv(LUA_CPATH);
+ unsetenv("SUPPLE_MKDTEMP");
 #endif
 unsetenv(LUA_INIT);
-
- /* Now go on to run:
- * /path/to/lua -lsupple -esupple.sandbox.run()
- */
- if (execv(LUA_INTERP_PATH, sub_argv) == -1) {
- perror("execv(" LUA_INTERP_PATH ")");
+
+ L = luaL_newstate();
+ if (L == NULL) {
+ return EXIT_FAILURE;
 }
-
- return EXIT_FAILURE;
+
+ parg.retcode = 0;
+
+ success = lua_cpcall(L, &protected_main, &parg);
+
+ lua_close(L);
+
+ return ((success == 0) && (parg.retcode == 0)) ? EXIT_SUCCESS :
+ ((success == 0) ? parg.retcode : EXIT_FAILURE);
 }
|
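Review bot: In protected_main, `require "supple"` still resolves through the default package.path and package.cpath, because the unsetenv() calls in main only remove the environment override. Stock Lua builds include `./?.lua` and `./?.so` in those defaults, so which supple module is loaded can depend on the wrapper's working directory. Since the wrapper exists to protect and isolate the sandbox code, I would set both fields to fixed install directories right after luaL_openlibs() and before the require, keeping the existing TESTING_SUPPLE exemption; the two macro names in the sketch are placeholders for build-time paths. Separately, when lua_cpcall() fails the error value left on the stack is discarded, so the process exits with EXIT_FAILURE and no message; printing it to stderr before lua_close() would restore the diagnostics the old perror() path gave.

```c
	luaL_openlibs(L);

#ifndef TESTING_SUPPLE
	/* Pin module lookup to the install directories before the first require */
	lua_getglobal(L, "package");
	lua_pushliteral(L, PLACEHOLDER_SUPPLE_LUA_PATH);   /* placeholder: build-time path */
	lua_setfield(L, -2, "path");
	lua_pushliteral(L, PLACEHOLDER_SUPPLE_LUA_CPATH);  /* placeholder: build-time path */
	lua_setfield(L, -2, "cpath");
	lua_pop(L, 1);
#endif

	/* … unchanged: require "supple" and the supple.sandbox.run() call … */
```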