suricata
Data Structures | Typedefs | Functions
util-lua-sandbox.h File Reference
#include "lua.h"
#include "suricata-common.h"
Include dependency graph for util-lua-sandbox.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  SCLuaSbState
 

Typedefs

typedef struct SCLuaSbState SCLuaSbState
 

Functions

lua_StateSCLuaSbStateNew (uint64_t alloclimit, uint64_t instructionlimit)
 Allocate a new Lua sandbox. More...
 
void SCLuaSbStateClose (lua_State *sb)
 
SCLuaSbStateSCLuaSbGetContext (lua_State *L)
 
void SCLuaSbResetInstructionCounter (lua_State *sb)
 
void SCLuaSbLoadLibs (lua_State *L)
 

Detailed Description

Author
Jo Johnson pyroj.nosp@m.oe31.nosp@m.4@gma.nosp@m.il.c.nosp@m.om

Definition in file util-lua-sandbox.h.

Typedef Documentation

◆ SCLuaSbState

typedef struct SCLuaSbState SCLuaSbState

Function Documentation

◆ SCLuaSbGetContext()

SCLuaSbState* SCLuaSbGetContext ( lua_State L)

Retreive the SCLuaSbState from a lua_State.

Get the Suricata Lua sandbox context from the lua_State.

Note: May return null if this Lua state was not allocated from the sandbox.

Definition at line 336 of file util-lua-sandbox.c.

References ctx, and SANDBOX_CTX.

Referenced by SCLuaSbResetInstructionCounter(), and SCLuaSbStateClose().

Here is the caller graph for this function:

◆ SCLuaSbLoadLibs()

void SCLuaSbLoadLibs ( lua_State L)

Load allowed Lua libraries into the state.

Functions from each library that are not in the allowed list are replaced with LuaBlockedFunction.

Definition at line 268 of file util-lua-sandbox.c.

◆ SCLuaSbResetInstructionCounter()

void SCLuaSbResetInstructionCounter ( lua_State L)

Reset the instruction counter for the provided state.

Definition at line 372 of file util-lua-sandbox.c.

References SCLuaSbState::blocked_function_error, SCLuaSbState::instruction_count, SCLuaSbState::instruction_count_error, and SCLuaSbGetContext().

Here is the call graph for this function:

◆ SCLuaSbStateClose()

void SCLuaSbStateClose ( lua_State sb)

Definition at line 345 of file util-lua-sandbox.c.

References SCLuaSbState::alloc_bytes, BUG_ON, SCLuaSbState::L, SCFree, and SCLuaSbGetContext().

Here is the call graph for this function:

◆ SCLuaSbStateNew()

lua_State* SCLuaSbStateNew ( uint64_t  alloclimit,
uint64_t  instructionlimit 
)

Allocate a new Lua sandbox.

Returns
An allocated sandbox state or NULL if memory allocation fails.

Definition at line 304 of file util-lua-sandbox.c.

References SCLuaSbState::alloc_bytes, SCLuaSbState::alloc_limit, SCLuaSbState::hook_instruction_count, SCLuaSbState::instruction_limit, SCLuaSbState::L, and SCCalloc.