util-landlock.h \
util-logopenfile.h \
util-log-redis.h \
+ util-lua-builtins.h \
util-lua-common.h \
util-lua-dataset.h \
util-lua-dnp3.h \
util-logopenfile.c \
util-log-redis.c \
util-lua.c \
+ util-lua-builtins.c \
util-lua-common.c \
util-lua-dataset.c \
util-lua-dnp3.c \
#include "suricata-common.h"
#include "output-lua.h"
+#include "util-lua-builtins.h"
#include "util-print.h"
#include "util-unittest.h"
#include "util-debug.h"
if (luastate == NULL)
goto error;
luaL_openlibs(luastate);
+ SCLuaRequirefBuiltIns(luastate);
int status = luaL_loadfile(luastate, filename);
if (status) {
}
luaL_openlibs(luastate);
+ SCLuaRequirefBuiltIns(luastate);
int status = luaL_loadfile(luastate, filename);
if (status) {
--- /dev/null
+/* Copyright (C) 2025 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+#include "suricata-common.h"
+#include "util-lua-builtins.h"
+#include "util-lua-hashlib.h"
+#include "util-lua-dataset.h"
+
+#include "lauxlib.h"
+
+static const luaL_Reg builtins[] = {
+ { "suricata.hashlib", SCLuaLoadHashlib },
+ { "suricata.dataset", LuaLoadDatasetLib },
+ { NULL, NULL },
+};
+
+/**
+ * \brief Load a Suricata built-in module in a sand-boxed environment.
+ */
+bool SCLuaLoadBuiltIns(lua_State *L, const char *name)
+{
+ for (const luaL_Reg *lib = builtins; lib->name; lib++) {
+ if (strcmp(name, lib->name) == 0) {
+ lib->func(L);
+ return true;
+ }
+ }
+ return false;
+}
+
+/**
+ * \brief Register Suricata built-in modules for loading in a
+ * non-sandboxed environment.
+ */
+void SCLuaRequirefBuiltIns(lua_State *L)
+{
+ for (const luaL_Reg *lib = builtins; lib->name; lib++) {
+ luaL_requiref(L, lib->name, lib->func, 0);
+ lua_pop(L, 1);
+ }
+}
--- /dev/null
+/* Copyright (C) 2025 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+#ifndef SURICATA_UTIL_LUA_BUILTINS_H
+#define SURICATA_UTIL_LUA_BUILTINS_H
+
+#include "lua.h"
+
+bool SCLuaLoadBuiltIns(lua_State *L, const char *name);
+void SCLuaRequirefBuiltIns(lua_State *L);
+
+#endif /* SURICATA_UTIL_LUA_BUILTINS_H */
};
// clang-format on
-void LuaLoadDatasetLib(lua_State *luastate)
+int LuaLoadDatasetLib(lua_State *luastate)
{
luaL_newmetatable(luastate, "dataset::metatable");
lua_pushvalue(luastate, -1);
lua_setfield(luastate, -2, "__index");
luaL_setfuncs(luastate, datasetlib, 0);
luaL_newlib(luastate, datasetlib);
+
+ return 1;
}
#include "lua.h"
-void LuaLoadDatasetLib(lua_State *luastate);
+int LuaLoadDatasetLib(lua_State *luastate);
#endif /* SURICATA_UTIL_LUA_DATASET_H */
#include "util-debug.h"
#include "util-lua-sandbox.h"
-#include "util-lua-dataset.h"
-#include "util-lua-hashlib.h"
+#include "util-lua-builtins.h"
#define SANDBOX_CTX "SANDBOX_CTX"
{
const char *module_name = luaL_checkstring(L, 1);
- if (strcmp(module_name, "suricata.dataset") == 0) {
- LuaLoadDatasetLib(L);
- return 1;
- } else if (strcmp(module_name, "suricata.hashlib") == 0) {
- SCLuaLoadHashlib(L);
+ if (SCLuaLoadBuiltIns(L, module_name)) {
return 1;
}
projects / thirdparty / suricata.git / commitdiff
