mirrors/lua-sandbox
1
0
Fork 0
mirror of https://github.com/TangentFoxy/lua-sandbox.git synced 2025-07-29 19:42:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirrors:patch-1
Branches Tags
mirrors:master mirrors:patch-1 mirrors:1.0
mirrors:v1.0.1 mirrors:v1.0.0 mirrors:v0.5.0
..
compare: mirrors:master
Branches Tags
mirrors:master mirrors:patch-1 mirrors:1.0
mirrors:v1.0.1 mirrors:v1.0.0 mirrors:v0.5.0

1 Commits
patch-1 ... master

Author SHA1 Message Date
Rose Liverman
d0db2adafb fixing missing pack/unpack closes #1 2025-06-29 02:11:40 -06:00
2 changed files with 28 additions and 15 deletions
Expand all files Collapse all files

23
README.md
View File

@@ -140,29 +140,24 @@ If you want to turn off the quota completely, pass `quota=false` instead.
Use the `env` option to inject additional variables to the environment in which the sandboxed code is executed. Use the `env` option to inject additional variables to the environment in which the sandboxed code is executed.
```lua local msg = sandbox.run('return foo', {env = {foo = 'This is a global var on the the environment'}})
local msg = sandbox.run('return foo', {env = {foo = 'This is a global var on the the environment'}})
```
The `env` variable will be used as an "index" by the sandbox environment, but it will *not* be modified at all (changes The `env` variable will be used as an "index" by the sandbox environment, but it will *not* be modified at all (changes
to the environment are thus lost). The only way to "get information out" from the sandboxed environments are: to the environment are thus lost). The only way to "get information out" from the sandboxed environments are:
Through side effects, like writing to a database. You will have to provide the side-effects functions in `env`: Through side effects, like writing to a database. You will have to provide the side-effects functions in `env`:
```lua local val = 1
local val = 1 local env = { write_db = function(new_val) val = new_val end }
local env = { write_db = function(new_val) val = new_val end } sandbox.run('write_db(2)')
sandbox.run('write_db(2)', { env = env }) assert(val = 2)
assert(val = 2)
```
Through returned values: Through returned values:
```lua local env = { amount = 1 }
local env = { amount = 1 } local result = sandbox.run('return amount + 1', { env = env })
local result = sandbox.run('return amount + 1', { env = env }) assert(result = 2)
assert(result = 2)
```
Installation Installation
============ ============

20
sandbox.lua
View File

@@ -1,5 +1,5 @@
local sandbox = { local sandbox = {
_VERSION = "sandbox 0.5", _VERSION = "sandbox 0.5.1",
_DESCRIPTION = "A pure-lua solution for running untrusted Lua code.", _DESCRIPTION = "A pure-lua solution for running untrusted Lua code.",
_URL = "https://github.com/kikito/sandbox.lua", _URL = "https://github.com/kikito/sandbox.lua",
_LICENSE = [[ _LICENSE = [[
@@ -29,6 +29,24 @@ local sandbox = {
} }
-- 0.5.1 fixing missing pack and unpack functions for some Lua versions
if not table.pack then
table.pack = function(...)
local t = {...}
t.n = select("#", ...)
return t
end
end
if not table.unpack then
table.unpack = function(tab, start, finish)
local result = {}
for i = start or 1, finish or #tab do
result[#result + 1] = tab[i]
end
return result
end
end
-- quotas don't work in LuaJIT since debug.sethook works differently there -- quotas don't work in LuaJIT since debug.sethook works differently there
local quota_supported = type(_G.jit) == "nil" local quota_supported = type(_G.jit) == "nil"
sandbox.quota_supported = quota_supported sandbox.quota_supported = quota_supported