changeset
clix.raw: Allow unsandboxed arbitrary code execution
Sat, 10 Apr 2021 00:28:05 +0200
- author
- Kim Alvefur <zash@zash.se>
- date
- Sat, 10 Apr 2021 00:28:05 +0200
- changeset 153
- 56546fb3429b
- parent 152
- c729365f1091
- child 154
- e7f579d82b76
clix.raw: Allow unsandboxed arbitrary code execution
Useful for doing things to clix/verse internals
| clix/raw.lua | file | annotate | diff | comparison | revisions |
--- a/clix/raw.lua Sat Apr 10 00:25:44 2021 +0200 +++ b/clix/raw.lua Sat Apr 10 00:28:05 2021 +0200 @@ -85,13 +85,22 @@ return end if data:sub(1,1) ~= "<" then - local chunk, err = loadstring("return "..data, "@stdin"); + local sandboxed = true; + if data:sub(1,1) == ">" then + sandboxed = false; + data = data:sub(2); + else + data = "return "..data; + end + local chunk, err = loadstring(data, "@stdin"); if not chunk then conn:error(err); return; end data = ""; - setfenv(chunk, env); + if sandboxed then + setfenv(chunk, env); + end local ok, ret = pcall(chunk); if ok then data = ret
