Register forum user name Search FAQ

Gammon Forum

Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the password reset link.

Due to spam on this forum, all posts now need moderator approval.

 Entire forum ➜ SMAUG ➜ Lua ➜ Lua VM hack for execution time limits.

Lua VM hack for execution time limits.

It is now over 60 days since the last post. This thread is closed.     Refresh page


Posted by ThomasWatts   USA  (66 posts)  Bio
Date Tue 29 Jan 2008 06:39 AM (UTC)

Amended on Tue 29 Jan 2008 08:54 AM (UTC) by ThomasWatts

Message
The following assumes you can compile the Lua code yourself in the required DLL. It adds a simple time check to stop infinite loops and other malicious Lua code.
The changes should be obvious. Starts at line 374 in lvm.c

void luaV_execute (lua_State *L, int nexeccalls) {
  LClosure *cl;
  StkId base;
  TValue *k;
  const Instruction *pc;
  int origClock = (clock() / CLOCKS_PER_SEC); // <--add start
  int runtClock = 0; // <--add stop
 reentry:  /* entry point */
  lua_assert(isLua(L->ci));
  pc = L->savedpc;
  cl = &clvalue(L->ci->func)->l;
  base = L->base;
  k = cl->p->k;
  /* main loop of interpreter */
  for (;;) {
    const Instruction i = *pc++;
    StkId ra;
    runtClock = (clock() / CLOCKS_PER_SEC) - origClock; // <--add start
    if( runtClock > 2 ) {
		luaG_runerror(L, "Runtime length of 2 seconds exceeded.");
	} // <--add stop
    if ((L->hookmask & (LUA_MASKLINE | LUA_MASKCOUNT)) &&
        (--L->hookcount == 0 || L->hookmask & LUA_MASKLINE)) {
      traceexec(L, pc);

As always, Your Mileage May Vary
Top

Posted by Nick Gammon   Australia  (23,133 posts)  Bio   Forum Administrator
Date Reply #1 on Tue 29 Jan 2008 07:42 AM (UTC)
Message
Another approach is to use a hook as described in this post "How to stop runaway scripts":

http://www.gammon.com.au/forum/bbshowpost.php?id=6534

The method described there can be used without recompiling Lua.

- Nick Gammon

www.gammon.com.au, www.mushclient.com
Top

Posted by ThomasWatts   USA  (66 posts)  Bio
Date Reply #2 on Tue 29 Jan 2008 08:25 AM (UTC)

Amended on Tue 29 Jan 2008 08:54 AM (UTC) by ThomasWatts

Message
Interesting, I had no idea that existed, I'll look into it.
Thanks Nick.

The above implemented in C inside call_lua_function:

static void luaCountHook(lua_State *L, lua_Debug *ar) {
	char buf[MAX_STRING_LENGTH];
	sprintf(buf, "Execution limits exceeded.\n");
	bug(buf);
	luaL_error(L, buf);
}

static long call_lua_function(lua_State *L, const char * fname, const int nArgs) {
	long iResult = FALSE;
	int error;
	lua_sethook(L, luaCountHook, LUA_MASKCOUNT, 100000);
	error = CallLuaWithTraceBack(L, nArgs, 0);
	lua_sethook(L, luaCountHook, 0, 0);
	if( error ) {
		bug("Error %d executing Lua function %s:\n %s\n", error, fname, lua_tostring(L, -1));
		lua_pop(L, 1); // pop error
	}
	if( lua_isnoneornil(L, -1) ) //treat both no return and nil the same
		iResult = LUA_NONE_OR_NIL;
	else if( lua_isnumber(L, -1) )
		iResult = (long) luaL_checknumber(L, -1);
	else if( lua_isboolean (L, -1) )
		iResult = lua_toboolean(L, -1);
	return iResult;
}


Not sure what to do with the 'lua_Debug *ar' yet, but I'll pass that on when I find out more.
Top

The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).

To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.


15,019 views.

It is now over 60 days since the last post. This thread is closed.     Refresh page

Go to topic:           Search the forum


[Go to top] top

Information and images on this site are licensed under the Creative Commons Attribution 3.0 Australia License unless stated otherwise.