Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are
spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the
password reset link.
Due to spam on this forum, all posts now need moderator approval.
Entire forum
➜ SMAUG
➜ Lua
➜ Lua VM hack for execution time limits.
Lua VM hack for execution time limits.
|
It is now over 60 days since the last post. This thread is closed.
Refresh page
Posted by
| ThomasWatts
USA (66 posts) Bio
|
Date
| Tue 29 Jan 2008 06:39 AM (UTC) Amended on Tue 29 Jan 2008 08:54 AM (UTC) by ThomasWatts
|
Message
| The following assumes you can compile the Lua code yourself in the required DLL. It adds a simple time check to stop infinite loops and other malicious Lua code.
The changes should be obvious. Starts at line 374 in lvm.c
void luaV_execute (lua_State *L, int nexeccalls) {
LClosure *cl;
StkId base;
TValue *k;
const Instruction *pc;
int origClock = (clock() / CLOCKS_PER_SEC); // <--add start
int runtClock = 0; // <--add stop
reentry: /* entry point */
lua_assert(isLua(L->ci));
pc = L->savedpc;
cl = &clvalue(L->ci->func)->l;
base = L->base;
k = cl->p->k;
/* main loop of interpreter */
for (;;) {
const Instruction i = *pc++;
StkId ra;
runtClock = (clock() / CLOCKS_PER_SEC) - origClock; // <--add start
if( runtClock > 2 ) {
luaG_runerror(L, "Runtime length of 2 seconds exceeded.");
} // <--add stop
if ((L->hookmask & (LUA_MASKLINE | LUA_MASKCOUNT)) &&
(--L->hookcount == 0 || L->hookmask & LUA_MASKLINE)) {
traceexec(L, pc);
As always, Your Mileage May Vary | Top |
|
Posted by
| Nick Gammon
Australia (23,133 posts) Bio
Forum Administrator |
Date
| Reply #1 on Tue 29 Jan 2008 07:42 AM (UTC) |
Message
| |
Posted by
| ThomasWatts
USA (66 posts) Bio
|
Date
| Reply #2 on Tue 29 Jan 2008 08:25 AM (UTC) Amended on Tue 29 Jan 2008 08:54 AM (UTC) by ThomasWatts
|
Message
| Interesting, I had no idea that existed, I'll look into it.
Thanks Nick.
The above implemented in C inside call_lua_function:
static void luaCountHook(lua_State *L, lua_Debug *ar) {
char buf[MAX_STRING_LENGTH];
sprintf(buf, "Execution limits exceeded.\n");
bug(buf);
luaL_error(L, buf);
}
static long call_lua_function(lua_State *L, const char * fname, const int nArgs) {
long iResult = FALSE;
int error;
lua_sethook(L, luaCountHook, LUA_MASKCOUNT, 100000);
error = CallLuaWithTraceBack(L, nArgs, 0);
lua_sethook(L, luaCountHook, 0, 0);
if( error ) {
bug("Error %d executing Lua function %s:\n %s\n", error, fname, lua_tostring(L, -1));
lua_pop(L, 1); // pop error
}
if( lua_isnoneornil(L, -1) ) //treat both no return and nil the same
iResult = LUA_NONE_OR_NIL;
else if( lua_isnumber(L, -1) )
iResult = (long) luaL_checknumber(L, -1);
else if( lua_isboolean (L, -1) )
iResult = lua_toboolean(L, -1);
return iResult;
}
Not sure what to do with the 'lua_Debug *ar' yet, but I'll pass that on when I find out more. | Top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
15,019 views.
It is now over 60 days since the last post. This thread is closed.
Refresh page
top