rpms/freeciv/devel freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch, NONE, 1.1 freeciv.spec, 1.50, 1.51

thomasj thomasj at fedoraproject.org
Sun Jun 6 07:46:44 UTC 2010 

Author: thomasj

Update of /cvs/pkgs/rpms/freeciv/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv16963

Modified Files:
	freeciv.spec 
Added Files:
	freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch 
Log Message:
security fix make impossible to access operating system from lua

freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch:
 script.c |   70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 69 insertions(+), 1 deletion(-)

--- NEW FILE freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch ---
--- server/scripting/script.c	2010-02-21 19:35:39.000000000 +0100
+++ server/scripting/script.c.old	2010-06-06 09:30:51.000000000 +0200
@@ -44,6 +44,48 @@
 
 
 /**************************************************************************
+  Unsafe Lua builtin symbols that we to remove access to.
+
+  If Freeciv's Lua version changes, you have to check how the set of
+  unsafe functions and modules changes in the new version. Update the list of
+  loaded libraries in script_lualibs, then update the unsafe symbols blacklist
+  in script_unsafe_symbols.
+
+  Once the variables are updated for the new version, update the value of
+  SCRIPT_SECURE_LUA_VERSION
+
+  In general, unsafe is all functionality that gives access to:
+  * Reading files and running processes
+  * Loading lua files or libraries
+**************************************************************************/
+#define SCRIPT_SECURE_LUA_VERSION 501
+
+static const char *script_unsafe_symbols[] = {
+  "dofile",
+  "loadfile",
+  NULL
+};
+
+#if LUA_VERSION_NUM != SCRIPT_SECURE_LUA_VERSION
+#warning "The script runtime's unsafe symbols information is not up to date."
+#warning "This can be a big security hole!"
+#endif
+
+/**************************************************************************
+  Lua libraries to load (all default libraries, excluding operating system
+  and library loading modules). See linit.c in Lua 5.1 for the default list.
+**************************************************************************/
+static luaL_Reg script_lualibs[] = {
+  /* Using default libraries excluding: package, io and os */
+  {"", luaopen_base},
+  {LUA_TABLIBNAME, luaopen_table},
+  {LUA_STRLIBNAME, luaopen_string},
+  {LUA_MATHLIBNAME, luaopen_math},
+  {LUA_DBLIBNAME, luaopen_debug},
+  {NULL, NULL}
+};
+
+/**************************************************************************
   Report a lua error.
 **************************************************************************/
 static int script_report(lua_State *L, int status, const char *code)
@@ -383,6 +425,31 @@
 }
 
 /**************************************************************************
+  Open lua libraries in the array of library definitions in llib.
+**************************************************************************/
+static void script_openlibs(lua_State *L, const luaL_Reg *llib)
+{
+  for (; llib->func; llib++) {
+    lua_pushcfunction(L, llib->func);
+    lua_pushstring(L, llib->name);
+    lua_call(L, 1, 0);
+  }
+}
+
+/**************************************************************************
+  Remove global symbols from lua state L
+**************************************************************************/
+static void script_blacklist(lua_State *L, const char *lsymbols[])
+{
+  int i;
+
+  for (i = 0; lsymbols[i] != NULL; i++) {
+    lua_pushnil(L);
+    lua_setglobal(L, lsymbols[i]);
+  }
+}
+
+/**************************************************************************
   Initialize the scripting state.
 **************************************************************************/
 bool script_init(void)
@@ -393,7 +460,8 @@
       return FALSE;
     }
 
-    luaL_openlibs(state);
+    script_openlibs(state, script_lualibs);
+    script_blacklist(state, script_unsafe_symbols);
 
     tolua_api_open(state);


Index: freeciv.spec
===================================================================
RCS file: /cvs/pkgs/rpms/freeciv/devel/freeciv.spec,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -p -r1.50 -r1.51
--- freeciv.spec	2 Mar 2010 22:03:52 -0000	1.50
+++ freeciv.spec	6 Jun 2010 07:46:42 -0000	1.51
@@ -5,7 +5,7 @@
 
 Name:           freeciv
 Version:        2.2.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A multi-player strategy game
 
 Group:          Amusements/Games
@@ -16,6 +16,8 @@ BuildRoot:      %{_tmppath}/%{name}-%{ve
 
 ##Fix DSO patch
 Patch10:	freeciv-client-fix-DSO.patch
+##upstream patch
+Patch20:	freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch
 
 BuildRequires:	gtk2-devel
 BuildRequires:	readline-devel
@@ -42,6 +44,7 @@ in order to become the leader of the gre
 %prep
 %setup -q -n %{name}-%{version}
 %patch10 -p0
+%patch20 -p0
 
 %build
 %configure --enable-client=gtk --disable-static
@@ -110,7 +113,11 @@ fi
 
 
 %changelog
-* Tue Mar 02 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0
+* Sun Jun 06 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0-2
+- security fix http://gna.org/bugs/?15624
+- #600742 #600743 #600744
+
+* Tue Mar 02 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0-1
 - New upstream source 2.2.0
 
 * Fri Jan 29 2010 Brian Pepple <bpepple at fedoraproject.org> - 2.1.11-1

More information about the scm-commits mailing list