From cd211ba0fded8fd6f04be1bf112c17c43a0a8715 Mon Sep 17 00:00:00 2001
From: David Capello
Date: Sun, 21 Apr 2024 14:30:25 -0300
Subject: [PATCH] [lua] Ask permissions for io.lines/input/output functions

---
 src/app/script/security.cpp | 48 +++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/src/app/script/security.cpp b/src/app/script/security.cpp
index 1edfa5cd5..af4985c33 100644
--- a/src/app/script/security.cpp
+++ b/src/app/script/security.cpp
@@ -36,12 +36,18 @@ namespace {
 
 int secure_io_open(lua_State* L);
 int secure_io_popen(lua_State* L);
+int secure_io_lines(lua_State* L);
+int secure_io_input(lua_State* L);
+int secure_io_output(lua_State* L);
 int secure_os_execute(lua_State* L);
 int secure_package_loadlib(lua_State* L);
 
 enum {
 io_open,
 io_popen,
+ io_lines,
+ io_input,
+ io_output,
 os_execute,
 package_loadlib,
 };
@@ -54,6 +60,9 @@ static struct {
 } replaced_functions[] = {
 { "io", "open", secure_io_open },
 { "io", "popen", secure_io_popen },
+ { "io", "lines", secure_io_lines },
+ { "io", "input", secure_io_input },
+ { "io", "output", secure_io_output },
 { "os", "execute", secure_os_execute },
 { "package", "loadlib", secure_package_loadlib },
 };
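Review bot: The new enumerators `io_lines`, `io_input` and `io_output` are only correct while they sit at the same positions as their rows in `replaced_functions[]` (next hunk), and nothing visible in either hunk documents or enforces that pairing. The order does match in this commit, but a later insertion in just one of the two lists would make a wrapper ask permission for one function and then call a different original through `replaced_functions[...]`. I would add a comment on the enum such as `// Must stay in the same order as replaced_functions[] below`, unless one already exists outside the hunk. The struct definition and the code that fills `origfunc` are outside both hunks, so whether a compile-time count check fits there cannot be judged from here.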
@@ -135,6 +144,45 @@ int secure_io_popen(lua_State* L)
 return replaced_functions[io_popen].origfunc(L);
 }
 
+int secure_io_lines(lua_State* L)
+{
+ if (auto fn = lua_tostring(L, 1)) {
+ std::string absFilename = base::get_absolute_path(fn);
+
+ if (!ask_access(L, absFilename.c_str(), FileAccessMode::Read, ResourceType::File)) {
+ return luaL_error(L, "the script doesn't have access to file '%s'",
+ absFilename.c_str());
+ }
+ }
+ return replaced_functions[io_lines].origfunc(L);
+}
+
+int secure_io_input(lua_State* L)
+{
+ if (auto fn = lua_tostring(L, 1)) {
+ std::string absFilename = base::get_absolute_path(fn);
+
+ if (!ask_access(L, absFilename.c_str(), FileAccessMode::Read, ResourceType::File)) {
+ return luaL_error(L, "the script doesn't have access to file '%s'",
+ absFilename.c_str());
+ }
+ }
+ return replaced_functions[io_input].origfunc(L);
+}
+
+int secure_io_output(lua_State* L)
+{
+ if (auto fn = lua_tostring(L, 1)) {
+ std::string absFilename = base::get_absolute_path(fn);
+
+ if (!ask_access(L, absFilename.c_str(), FileAccessMode::Write, ResourceType::File)) {
+ return luaL_error(L, "the script doesn't have access to file '%s'",
+ absFilename.c_str());
+ }
+ }
+ return replaced_functions[io_output].origfunc(L);
+}
+
 int secure_os_execute(lua_State* L)
 {
 const char* cmd = luaL_checkstring(L, 1);
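Review bot: In `secure_io_lines`, `secure_io_input` and `secure_io_output` the permission is asked for `absFilename`, but the original function is then called with the script's untouched argument 1, so the approved path and the opened path are resolved separately. Whether `base::get_absolute_path` resolves symlinks is not visible here; if it does not, the file named in the permission prompt and the file actually opened can differ. Consider canonicalising before `ask_access` and handing the checked path to the original with `lua_pushstring(L, absFilename.c_str()); lua_replace(L, 1);` after a successful check. A short comment on the `if (auto fn = lua_tostring(L, 1))` guard would also help, stating that a non-string first argument (no argument, or a file handle) deliberately skips the prompt. The three bodies differ only in the `FileAccessMode` and the table index, so a shared helper would keep them from drifting; `secure_io_popen` starts before this hunk and `secure_os_execute` continues past it.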