rpms/freeciv/F-12 freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch, NONE, 1.1 freeciv.spec, 1.50, 1.51
thomasj
thomasj at fedoraproject.org
Sun Jun 6 08:13:27 UTC 2010
Author: thomasj
Update of /cvs/pkgs/rpms/freeciv/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv18666
Modified Files:
freeciv.spec
Added Files:
freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch
Log Message:
security fix make impossible to access operating system from lua
freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch:
script.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 69 insertions(+), 1 deletion(-)
--- NEW FILE freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch ---
--- server/scripting/script.c 2010-02-21 19:35:39.000000000 +0100
+++ server/scripting/script.c.old 2010-06-06 09:30:51.000000000 +0200
@@ -44,6 +44,48 @@
/**************************************************************************
+ Unsafe Lua builtin symbols that we to remove access to.
+
+ If Freeciv's Lua version changes, you have to check how the set of
+ unsafe functions and modules changes in the new version. Update the list of
+ loaded libraries in script_lualibs, then update the unsafe symbols blacklist
+ in script_unsafe_symbols.
+
+ Once the variables are updated for the new version, update the value of
+ SCRIPT_SECURE_LUA_VERSION
+
+ In general, unsafe is all functionality that gives access to:
+ * Reading files and running processes
+ * Loading lua files or libraries
+**************************************************************************/
+#define SCRIPT_SECURE_LUA_VERSION 501
+
+static const char *script_unsafe_symbols[] = {
+ "dofile",
+ "loadfile",
+ NULL
+};
+
+#if LUA_VERSION_NUM != SCRIPT_SECURE_LUA_VERSION
+#warning "The script runtime's unsafe symbols information is not up to date."
+#warning "This can be a big security hole!"
+#endif
+
+/**************************************************************************
+ Lua libraries to load (all default libraries, excluding operating system
+ and library loading modules). See linit.c in Lua 5.1 for the default list.
+**************************************************************************/
+static luaL_Reg script_lualibs[] = {
+ /* Using default libraries excluding: package, io and os */
+ {"", luaopen_base},
+ {LUA_TABLIBNAME, luaopen_table},
+ {LUA_STRLIBNAME, luaopen_string},
+ {LUA_MATHLIBNAME, luaopen_math},
+ {LUA_DBLIBNAME, luaopen_debug},
+ {NULL, NULL}
+};
+
+/**************************************************************************
Report a lua error.
**************************************************************************/
static int script_report(lua_State *L, int status, const char *code)
@@ -383,6 +425,31 @@
}
/**************************************************************************
+ Open lua libraries in the array of library definitions in llib.
+**************************************************************************/
+static void script_openlibs(lua_State *L, const luaL_Reg *llib)
+{
+ for (; llib->func; llib++) {
+ lua_pushcfunction(L, llib->func);
+ lua_pushstring(L, llib->name);
+ lua_call(L, 1, 0);
+ }
+}
+
+/**************************************************************************
+ Remove global symbols from lua state L
+**************************************************************************/
+static void script_blacklist(lua_State *L, const char *lsymbols[])
+{
+ int i;
+
+ for (i = 0; lsymbols[i] != NULL; i++) {
+ lua_pushnil(L);
+ lua_setglobal(L, lsymbols[i]);
+ }
+}
+
+/**************************************************************************
Initialize the scripting state.
**************************************************************************/
bool script_init(void)
@@ -393,7 +460,8 @@
return FALSE;
}
- luaL_openlibs(state);
+ script_openlibs(state, script_lualibs);
+ script_blacklist(state, script_unsafe_symbols);
tolua_api_open(state);
Index: freeciv.spec
===================================================================
RCS file: /cvs/pkgs/rpms/freeciv/F-12/freeciv.spec,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -p -r1.50 -r1.51
--- freeciv.spec 2 Mar 2010 22:32:10 -0000 1.50
+++ freeciv.spec 6 Jun 2010 08:13:27 -0000 1.51
@@ -5,7 +5,7 @@
Name: freeciv
Version: 2.2.0
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A multi-player strategy game
Group: Amusements/Games
@@ -16,6 +16,8 @@ BuildRoot: %{_tmppath}/%{name}-%{ve
##Fix DSO patch
Patch10: freeciv-client-fix-DSO.patch
+##upstream patch
+Patch20: freeciv-0002-Make-impossible-to-access-operating-system-from-Lua-.patch
BuildRequires: gtk2-devel
BuildRequires: readline-devel
@@ -42,6 +44,7 @@ in order to become the leader of the gre
%prep
%setup -q -n %{name}-%{version}
%patch10 -p0
+%patch20 -p0
%build
%configure --enable-client=gtk --disable-static
@@ -110,7 +113,11 @@ fi
%changelog
-* Tue Mar 02 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0
+* Sun Jun 06 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0-2
+- security fix http://gna.org/bugs/?15624
+- #600742 #600743 #600744
+
+* Tue Mar 02 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0-1
- New upstream source 2.2.0
* Fri Jan 29 2010 Brian Pepple <bpepple at fedoraproject.org> - 2.1.11-1
More information about the scm-commits
mailing list