@sapier
Created January 22, 2017 10:26
Testcode for unsafe functions
-- Probe list for the `os` library, read row by row by check_function_table.
-- Row layout: [1] member name, [2] whether a call is expected to succeed
-- inside the sandbox, [3]..[5] arguments handed to the call (absent = nil).
-- Rows marked false reach outside the script: process execution, the
-- environment, the filesystem, the locale and process termination.
local os_functiontable = {
	{ "clock",     true },
	{ "date",      true },
	{ "difftime",  true,  10000, 9000 },
	{ "execute",   false, "/bin/true" },
	{ "getenv",    false, "SHELL" },
	{ "rename",    false, "/tmp/somefile", "/tmp/someotherfile" },
	{ "remove",    false, "/tmp/someotherfile" },
	{ "setlocale", false, "de_DE.utf8", "all" },
	{ "time",      true },
	{ "tmpname",   false },
	-- Last row: a reachable os.exit ends the process, so nothing placed
	-- after it would be probed.
	{ "exit",      false, 0 },
}
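--- Probe every row of a function table against one library table.
-- Each row is { name, allowed, p1, p2, p3 }. A member that is a function is
-- called with p1..p3; a truthy first return value counts as "works". The
-- outcome is compared with `allowed` and a mismatch is logged as "==> BAD!".
--
-- Changes over the naive version, all aimed at making the sandbox report
-- complete:
--   * the call runs under pcall, so one member that raises no longer aborts
--     every check that follows it;
--   * members that exist but are not functions (strings, tables) are
--     reported instead of being skipped silently;
--   * a library that was removed entirely (pkg == nil) is reported rather
--     than causing an "attempt to index nil" error;
--   * only mismatches are logged at "error" level.
-- @param fcttable sequence of rows as described above
-- @param pkgname  library name, used only in log messages
-- @param pkg      the library table to probe (may be nil)
local check_function_table = function(fcttable, pkgname, pkg)
	if type(pkg) ~= "table" then
		minetest.log("action", "Testing for " .. pkgname .. "... library not present")
		return
	end

	for i = 1, #fcttable do
		local row = fcttable[i]
		local name, allowed = row[1], row[2]
		local member = pkg[name]

		minetest.log("action", "Testing for " .. pkgname .. "." .. name .. "...")

		if type(member) == "function" then
			minetest.log("action", "\tfunction present")

			-- A raised error may come from the sandbox refusing the call or
			-- from the probe arguments being unsuitable; the raised message
			-- is logged below so the two can be told apart.
			local ok, fctretval = pcall(member, row[3], row[4], row[5])
			local call_successfull = ok and not not fctretval

			local message = "\tfunction "
			if call_successfull then
				message = message .. "works "
			else
				message = message .. "does not work "
			end

			local bad = call_successfull ~= allowed
			if bad then
				message = message .. "==> BAD!"
			end

			local level = bad and "error" or "action"
			minetest.log(level, message)
			if ok then
				minetest.log(level, "\tfunction returned: " .. dump(fctretval))
			else
				minetest.log(level, "\tfunction raised: " .. tostring(fctretval))
			end
		elseif member ~= nil then
			-- Data members cannot be called, but their mere presence is
			-- what the row is asking about.
			local message = "\t" .. type(member) .. " present "
			local bad = not allowed
			if bad then
				message = message .. "==> BAD!"
			end
			minetest.log(bad and "error" or "action", message)
		else
			minetest.log("action", "\tnot present")
		end
	end
end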
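--- Probe a single builtin and compare the outcome with the expectation.
-- If `fct` is a function it is called with p1..p3; a truthy first return
-- value counts as "works". A result that differs from `shallwork` is logged
-- with "==> BAD!".
--
-- The call runs under pcall: builtins such as dofile raise on failure, and
-- without protection the first raise would abort every later check. Only
-- mismatches are logged at "error" level.
-- @param fct       the builtin to probe (nil when the sandbox removed it)
-- @param name      label used in log messages
-- @param shallwork true if a successful call is acceptable
-- @param p1        first argument for the call
-- @param p2        second argument for the call
-- @param p3        third argument for the call
local check_function = function(fct, name, shallwork, p1, p2, p3)
	minetest.log("action", "Testing for " .. name .. "...")

	if type(fct) ~= "function" then
		minetest.log("action", "\tfunction not present")
		return
	end
	minetest.log("action", "\tfunction present")

	-- A raised error may be a sandbox refusal or an argument problem; the
	-- raised message is logged so the reader can tell which.
	local ok, fctretval = pcall(fct, p1, p2, p3)
	local call_successfull = ok and not not fctretval

	local message = "\tfunction "
	if call_successfull then
		message = message .. "works "
	else
		message = message .. "does not work "
	end

	local bad = call_successfull ~= shallwork
	if bad then
		message = message .. "==> BAD!"
	end

	local level = bad and "error" or "action"
	minetest.log(level, message)
	if ok then
		minetest.log(level, "\tfunction returned: " .. dump(fctretval))
	else
		minetest.log(level, "\tfunction raised: " .. tostring(fctretval))
	end
end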
-- Probe list for the `package` library; same row layout as the other
-- tables: [1] member name, [2] allowed, [3]..[5] call arguments (none here).
-- Every member is expected to be unavailable: together they control where
-- modules and native libraries are loaded from.
-- In stock Lua only loadlib and searchpath are functions; the remaining
-- members are strings or tables.
local package_functiontable = {
	{ "config",     false },
	{ "cpath",      false },
	{ "loaded",     false },
	{ "loadlib",    false },
	{ "path",       false },
	{ "preload",    false },
	{ "searchers",  false },
	{ "searchpath", false },
}
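--- Hook body handed to debug.sethook by the debug probe table.
-- Prints a notice the first time it runs and stays silent afterwards, so a
-- hook that was installed successfully becomes visible without flooding the
-- output.
-- The "already printed" flag lives in a private upvalue: the earlier form
-- assigned an undeclared global `called_once`, which leaks into _G.
local sethooktest
do
	local called_once = false
	sethooktest = function()
		if not called_once then
			print("Sethooktest is now called everytime a function is called!")
			called_once = true
		end
	end
end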
-- Probe list for the `debug` library; same row layout as the other tables:
-- [1] member name, [2] allowed, [3]..[5] call arguments (absent = nil).
-- Nothing here is expected to work inside the sandbox: the library gives
-- access to other functions' locals and upvalues, the registry, metatables
-- and execution hooks.
local debug_functiontable = {
	{ "gethook",      false },
	{ "getinfo",      false, 1 },
	{ "getlocal",     false, 1, 1 },
	{ "getmetatable", false, os },
	{ "getregistry",  false },
	{ "getupvalue",   false },
	{ "getuservalue", false },
	-- "c" asks for the hook to run on every function call.
	{ "sethook",      false, sethooktest, "c" },
	{ "setmetatable", false },
	{ "setuservalue", false },
	{ "traceback",    false },
	{ "upvalueid",    false },
	{ "upvaluejoin",  false },
	-- debug.debug is left out on purpose: if it is reachable it stops the
	-- application, so the user will notice without a probe.
	-- { "debug", false, nil, nil, nil },
}
--- Reader function passed to load() by the builtin checks.
-- It returns nothing, so load() sees an empty chunk straight away.
local function loadfcttest()
end
-- check builtins
-- Every call below passes shallwork = false: dofile, load and loadfile load
-- Lua code from a path or a reader function, and getmetatable(_G) returns
-- the metatable of the global table if it has one.
-- bad makes test hang
-- NOTE(review): the line above is the original author's remark; presumably
-- a builtin that is not blocked (a BAD result) can stall this run -- confirm.
check_function(dofile, "dofile", false, "/tmp/somefile")
check_function(getmetatable, "getmetatable", false, _G)
check_function(load, "load", false, loadfcttest, "local dummy=1")
check_function(loadfile, "loadfile", false, "/tmp/somefile")
-- require is currently prevented by modsecurity (presumably Minetest's mod
-- security -- confirm), but in a way that breaks this test, so the check
-- stays disabled.
--check_function(require, "require", false, "/tmp/somefile")
-- check standard libs
-- The os table is probed last; its final row is "exit", after which nothing
-- else would run if the call went through.
check_function_table(debug_functiontable, "debug", debug)
check_function_table(package_functiontable, "package", package)
check_function_table(os_functiontable, "os", os)