Strengthen custom flag validator sandbox

81185938 · Ivaria · 958f7394 · 81185938
Commit 81185938 authored 4 years ago by Ivaria
Hide whitespace changes
Inline Side-by-side

Showing with 57 additions and 30 deletions

VuhDoBouquetValidators.lua VuhDoBouquetValidators.lua +57 -30

No files found.
--- a/VuhDoBouquetValidators.lua
+++ b/VuhDoBouquetValidators.lua
@@ -1157,23 +1157,38 @@ local VUHDO_OVERRIDE_FUNCTIONS = { };

 local VUHDO_BLOCKED_FUNCTIONS = {
 	-- Lua functions that may allow breaking out of the environment
-	getfenv = true,
-	setfenv = true,
-	loadstring = true,
-	pcall = true,
+	getfenv = true, 
+	setfenv = true, 
+	loadstring = true, 
+	pcall = true, 
+	xpcall = true, 
 	-- blocked WoW API
-	SendMail = true,
-	SetTradeMoney = true,
-	AddTradeMoney = true,
-	PickupTradeMoney = true,
-	PickupPlayerMoney = true,
-	TradeFrame = true,
-	MailFrame = true,
-	EnumerateFrames = true,
-	RunScript = true,
-	AcceptTrade = true,
-	SetSendMailMoney = true,
-	EditMacro = true
+	SendMail = true, 
+	SetTradeMoney = true, 
+	AddTradeMoney = true, 
+	PickupTradeMoney = true, 
+	PickupPlayerMoney = true, 
+	TradeFrame = true, 
+	MailFrame = true, 
+	EnumerateFrames = true, 
+	RunScript = true, 
+	AcceptTrade = true, 
+	SetSendMailMoney = true, 
+	EditMacro = true, 
+	DevTools_DumpCommand = true, 
+	hash_SlashCmdList = true, 
+	CreateMacro = true, 
+	SetBindingMacro = true, 
+	GuildDisband = true, 
+	GuildUninvite = true, 
+	securecall = true
+};
+
+local VUHDO_BLOCKED_TABLES = {
+	SlashCmdList = true, 
+	SendMailMailButton = true, 
+	SendMailMoneyGold = true, 
+	MailFrameTab2 = true
 };


@@ -1186,20 +1201,32 @@ end


 local env_getglobal;
-local exec_env = setmetatable({}, { __index =
-	function(t, k)
-		if k == "_G" then
-			return t
-		elseif k == "getglobal" then
-			return env_getglobal
-		elseif VUHDO_BLOCKED_FUNCTIONS[k] then
-			return VUHDO_blockedFunction
-		elseif VUHDO_OVERRIDE_FUNCTIONS[k] then
-			return VUHDO_OVERRIDE_FUNCTIONS[k]
-		else
-			return _G[k]
-		end
-	end
+local exec_env = setmetatable({}, { 
+	__index =
+		function(t, k)
+			if k == "_G" then
+				return t
+			elseif k == "getglobal" then
+				return env_getglobal
+			elseif VUHDO_BLOCKED_FUNCTIONS[k] then
+				VUHDO_blockedFunction()
+
+				return function() end
+			elseif VUHDO_BLOCKED_TABLES[k] then 
+				VUHDO_blockedFunction()
+
+				return {}
+			elseif VUHDO_OVERRIDE_FUNCTIONS[k] then
+				return VUHDO_OVERRIDE_FUNCTIONS[k]
+			else
+				return _G[k]
+			end
+		end, 
+	__newindex = 
+		function(t, k, v) 
+			VUHDO_blockedFunction()
+		end,
+	__metatable = false
 });