cdramey
/
lua-fastcgi
Archived
1
0
Fork 0
Code Releases Activity
a sandboxed Lua backend for FastCGI
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
3 Commits
1 Branch
0 Tags
46 KiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
lua-fastcgi/src/lua.c

430 lines
9.6 KiB
Raw Permalink Normal View History

Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
Switched to mmap for loading files. Added POST variable handling. Added sandboxed loadstring, loadfile and dofile functions for Lua. Fixed bug where errors generated during request parsing may cause memory leaks on certain platforms. Fixed bug where non-string errors generated by Lua would cause a segmentation fault. Corrected various typos and unclear code comments.
12 years ago
Squash merge into master branch
12 years ago
  1. #include <stdlib.h>
  2. #include <inttypes.h>
  3. #include <stdint.h>
  4. #include <string.h>
  5. #include <unistd.h>
  6. #include <ctype.h>
  7. #include <fcntl.h>
  8. #include <errno.h>
  9. #include <sys/stat.h>
  10. #include <sys/mman.h>
  11. #include <sys/time.h>
  12. #include <sys/resource.h>
  14. #include <fcgiapp.h>
  16. #include <lua5.1/lua.h>
  17. #include <lua5.1/lauxlib.h>
  18. #include <lua5.1/lualib.h>
  20. #include "lua.h"
  21. #include "lfuncs.h"
  24. #ifdef DEBUG
  25. void LF_printstack(lua_State *l)
  26. {
  27. int ss = lua_gettop(l);
  28. printf("Lua Stack:\n");
  29. for(int i=1; i <= ss; i++){
  30. printf("\t%d) %s\n", i, lua_typename(l, lua_type(l, i)));
  31. }
  32. }
  33. #endif
  36. // Gets current thread usage
  37. static int LF_threadusage(struct timeval *tv)
  38. {
  39. struct rusage usage;
  40. if(getrusage(RUSAGE_SELF, &usage) == -1){
  41. return 1;
  42. }
  44. // Add user to sys to get actual usage
  45. tv->tv_usec = usage.ru_utime.tv_usec + usage.ru_stime.tv_usec;
  46. tv->tv_sec = usage.ru_utime.tv_sec + usage.ru_stime.tv_sec;
  48. if(tv->tv_usec > 1000000){
  49. tv->tv_usec -= 1000000;
  50. tv->tv_sec++;
  51. }
  52. return 0;
  53. }
  56. // limits cpu usage
  57. static void LF_limit_hook(lua_State *l, lua_Debug *d)
  58. {
  59. lua_pushstring(l, "CPU_LIMIT");
  60. lua_rawget(l, LUA_REGISTRYINDEX);
  61. struct timeval *limit = lua_touserdata(l, -1);
  62. lua_pop(l, 1);
  64. struct timeval tv;
  65. if(LF_threadusage(&tv)){ luaL_error(l, "CPU usage sample error"); }
  66. if(timercmp(&tv, limit, >)){ luaL_error(l, "CPU limit exceeded"); }
  67. }
  70. // removes global variables
  71. static void LF_nilglobal(lua_State *l, char *var)
  72. {
  73. lua_pushnil(l);
  74. lua_setglobal(l, var);
  75. }
  78. // Limited memory allocator
  79. static void *LF_limit_alloc(void *ud, void *ptr, size_t osize, size_t nsize)
  80. {
  81. size_t *limit = ud;
  83. *limit += osize;
  85. if(nsize == 0){
  86. free(ptr);
  87. return NULL;
  88. } else {
  89. if(*limit < nsize){ return NULL; }
  90. *limit -= nsize;
  92. return realloc(ptr, nsize);
  93. }
  94. }
  97. // Allocates and initializes a new set of limits for a lua state
  98. LF_limits *LF_newlimits()
  99. {
  100. LF_limits *limits = malloc(sizeof(LF_limits));
  101. if(limits == NULL){ return NULL; }
  103. memset(limits, 0, sizeof(LF_limits));
  104. return limits;
  105. }
  108. void LF_setlimits(LF_limits *limits, size_t memory, size_t output, uint32_t cpu_sec, uint32_t cpu_usec)
  109. {
  110. limits->memory = memory;
  111. limits->output = output;
  112. limits->cpu.tv_usec = cpu_usec;
  113. limits->cpu.tv_sec = cpu_sec;
  114. }
  117. void LF_enablelimits(lua_State *l, LF_limits *limits)
  118. {
  119. if(limits->cpu.tv_usec > 0 || limits->cpu.tv_sec > 0){
  120. struct timeval curr;
  121. if(LF_threadusage(&curr)){
  122. printf("CPU usage sample error\n"); // FIX ME
  123. } else {
  124. timeradd(&limits->cpu, &curr, &limits->cpu);
  125. lua_sethook(l, &LF_limit_hook, LUA_MASKCOUNT, 1000);
  126. }
  128. lua_pushstring(l, "CPU_LIMIT");
  129. lua_pushlightuserdata(l, &limits->cpu);
  130. lua_rawset(l, LUA_REGISTRYINDEX);
  131. }
  133. if(limits->output){
  134. lua_pushstring(l, "RESPONSE_LIMIT");
  135. lua_pushlightuserdata(l, &limits->output);
  136. lua_rawset(l, LUA_REGISTRYINDEX);
  137. }
  139. if(limits->memory){
  140. lua_pushstring(l, "MEMORY_LIMIT");
  141. lua_pushlightuserdata(l, &limits->memory);
  142. lua_rawset(l, LUA_REGISTRYINDEX);
  144. lua_setallocf(l, &LF_limit_alloc, &limits->memory);
  145. }
  146. }
  149. // Initialize a new lua state using specific parameters
  150. lua_State *LF_newstate(int sandbox, char *content_type)
  151. {
  152. lua_State *l = luaL_newstate();
  153. if(l == NULL){ return NULL; }
  155. // Load base
  156. lua_pushcfunction(l, luaopen_base);
  157. lua_pushliteral(l, "");
  158. lua_call(l, 1, 0);
  160. if(sandbox){
  161. // Load table
  162. lua_pushcfunction(l, luaopen_table);
  163. lua_pushliteral(l, LUA_TABLIBNAME);
  164. lua_call(l, 1, 0);
  166. // Load string
  167. lua_pushcfunction(l, luaopen_string);
  168. lua_pushliteral(l, LUA_STRLIBNAME);
  169. lua_call(l, 1, 0);
  171. // Load math
  172. lua_pushcfunction(l, luaopen_math);
  173. lua_pushliteral(l, LUA_MATHLIBNAME);
  174. lua_call(l, 1, 0);
  176. // Nil out unsafe functions/objects
  177. LF_nilglobal(l, "load");
  178. LF_nilglobal(l, "xpcall");
  179. LF_nilglobal(l, "pcall");
  180. LF_nilglobal(l, "module");
  181. LF_nilglobal(l, "require");
  183. // Override unsafe functions
  184. lua_register(l, "loadstring", &LF_loadstring);
  185. lua_register(l, "loadfile", &LF_loadfile);
  186. lua_register(l, "dofile", &LF_dofile);
  187. }
  189. // Register the print function
  190. lua_register(l, "print", &LF_print);
  191. // Register the write function
  192. lua_register(l, "write", &LF_write);
  194. // Setup the "HEADER" value
  195. lua_newtable(l);
  197. lua_pushstring(l, "Content-Type");
  198. lua_pushstring(l, content_type);
  199. lua_rawset(l, 1);
  201. lua_setglobal(l, "HEADER");
  203. return l;
  204. }
  207. // Set GET variables
  208. static void LF_parsequerystring(lua_State *l, char *query_string, char *table)
  209. {
  210. lua_newtable(l);
  212. int stack = lua_gettop(l);
  214. char *sptr, *optr, *nptr;
  215. for(nptr = optr = sptr = &query_string[0]; 1; optr++){
  216. switch(*optr){
  217. case '+':
  218. *nptr++ = ' ';
  219. break;
  221. case '=':
  222. // Push a key, if it's valid and there's not already one
  223. if(lua_gettop(l) == stack){
  224. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  225. sptr = nptr;
  226. } else {
  227. *nptr++ = '=';
  228. }
  229. break;
  231. case '&':
  232. // Push key or value if valid
  233. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  235. // Push value, if there is already a key
  236. if(lua_gettop(l) == (stack+1)){ lua_pushstring(l, ""); }
  238. // Set key/value if they exist
  239. if(lua_gettop(l) == (stack+2)){ lua_rawset(l, stack); }
  241. sptr = nptr;
  242. break;
  244. case '%': {
  245. // Decode hex percent encoded sets, if valid
  246. char c1 = *(optr+1), c2 = *(optr+2);
  247. if(isxdigit(c1) && isxdigit(c2)){
  248. char digit = 16 * (c1 >= 'A' ? (c1 & 0xdf) - '7' : (c1 - '0'));
  249. digit += (c2 >= 'A' ? (c2 & 0xdf) - '7' : (c2 - '0'));
  250. *nptr++ = digit;
  251. optr += 2;
  252. } else {
  253. *nptr++ = '%';
  254. }
  255. } break;
  257. case '\0':
  258. // Push key or value if valid
  259. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  261. // Push value, if needed
  262. if(lua_gettop(l) == (stack+1)){ lua_pushstring(l, ""); }
  264. // Set key/value if valid
  265. if(lua_gettop(l) == (stack+2)){ lua_rawset(l, stack); }
  267. // Finally, set the table
  268. lua_setglobal(l, table);
  269. return;
  270. break;
  272. default:
  273. *nptr++ = *optr;
  274. break;
  275. }
  276. }
  277. }
  280. // Parses fastcgi request
  281. void LF_parserequest(lua_State *l, FCGX_Request *request, LF_state *state)
  282. {
  283. uintmax_t content_length = 0;
  284. char *content_type = NULL;
  286. state->committed = 0;
  287. state->response = request->out;
  288. lua_pushstring(l, "STATE");
  289. lua_pushlightuserdata(l, state);
  290. lua_rawset(l, LUA_REGISTRYINDEX);
  292. lua_newtable(l);
  293. for(char **p = request->envp; *p; ++p){
  294. char *vptr = strchr(*p, '=');
  295. int keylen = (vptr - *p);
  297. lua_pushlstring(l, *p, keylen); // Push Key
  298. lua_pushstring(l, (vptr+1)); // Push Value
  299. lua_rawset(l, 1); // Set key/value into table
  301. switch(keylen){
  302. case 11:
  303. if(memcmp(*p, "SCRIPT_NAME", 11) == 0){
  304. lua_pushstring(l, "SCRIPT_NAME");
  305. lua_pushlightuserdata(l, (vptr+1));
  306. lua_rawset(l, LUA_REGISTRYINDEX);
  307. }
  308. break;
  310. case 12:
  311. if(memcmp(*p, "QUERY_STRING", 12) == 0){
  312. LF_parsequerystring(l, (vptr+1), "GET");
  313. } if(memcmp(*p, "CONTENT_TYPE", 12) == 0){
  314. content_type = (vptr+1);
  315. }
  316. break;
  318. case 13:
  319. if(memcmp(*p, "DOCUMENT_ROOT", 13) == 0){
  320. lua_pushstring(l, "DOCUMENT_ROOT");
  321. lua_pushlightuserdata(l, (vptr+1));
  322. lua_rawset(l, LUA_REGISTRYINDEX);
  323. }
  324. break;
  326. case 14:
  327. if(memcmp(*p, "CONTENT_LENGTH", 14) == 0){
  328. content_length = strtoumax((vptr+1), NULL, 10);
  329. }
  330. break;
  332. case 15:
  333. if(memcmp(*p, "SCRIPT_FILENAME", 15) == 0){
  334. lua_pushstring(l, "SCRIPT_FILENAME");
  335. lua_pushlightuserdata(l, (vptr+1));
  336. lua_rawset(l, LUA_REGISTRYINDEX);
  337. }
  338. break;
  339. }
  340. }
  341. lua_setglobal(l, "REQUEST");
  343. if(content_length > 0 && content_type != NULL && memcmp(content_type, "application/x-www-form-urlencoded", 33) == 0){
  344. char *content = lua_newuserdata(l, content_length+1);
  345. int r = FCGX_GetStr(
  346. content, (content_length > INT_MAX ? INT_MAX : content_length),
  347. request->in
  348. );
  349. *(content + r) = 0; // Add NUL byte at end for proper string
  350. LF_parsequerystring(l, content, "POST");
  351. lua_pop(l, 1);
  352. }
  353. }
  356. // Load script by name and path
  357. int LF_fileload(lua_State *l, const char *name, char *scriptpath)
  358. {
  359. char *script = NULL;
  360. int fd = -1, r = 0;
  361. struct stat sb;
  363. if(scriptpath == NULL){ return LF_ERRNOPATH; }
  364. if(name == NULL){ return LF_ERRNONAME; }
  366. // Generate a string with an '=' followed by the script name
  367. // this ensures lua will generation a reasonable error
  368. size_t namelen = strlen(name);
  369. char scriptname[namelen+2];
  370. scriptname[0] = '=';
  371. memcpy(&scriptname[1], name, namelen+1);
  373. if((fd = open(scriptpath, O_RDONLY)) == -1){ goto errorL; }
  375. if(fstat(fd, &sb) == -1){ goto errorL; }
  377. if((script = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0)) == NULL){
  378. goto errorL;
  379. }
  381. if(madvise(script, sb.st_size, MADV_SEQUENTIAL) == -1){ goto errorL; }
  383. if(sb.st_size > 3 && memcmp(script, LUA_SIGNATURE, 4) == 0){
  384. r = LF_ERRBYTECODE;
  385. } else {
  386. switch(luaL_loadbuffer(l, script, sb.st_size, scriptname)){
  387. case LUA_ERRSYNTAX: r = LF_ERRSYNTAX; break;
  388. case LUA_ERRMEM: r = LF_ERRMEMORY; break;
  389. }
  390. }
  392. if(script != NULL){ munmap(script, sb.st_size); }
  393. if(fd != -1){ close(fd); }
  394. return r;
  396. errorL:
  397. if(script != NULL){ munmap(script, sb.st_size); }
  398. if(fd != -1){ close(fd); }
  399. switch(errno){
  400. case EACCES: return r = LF_ERRACCESS;
  401. case ENOENT: return r = LF_ERRNOTFOUND;
  402. case ENOMEM: return r = LF_ERRMEMORY;
  403. default: return r = LF_ERRANY;
  404. }
  405. return r;
  406. }
  409. // Loads script specified in registryindex into lua state
  410. int LF_loadscript(lua_State *l)
  411. {
  412. lua_pushstring(l, "SCRIPT_FILENAME");
  413. lua_rawget(l, LUA_REGISTRYINDEX);
  414. char *scriptpath = lua_touserdata(l, 1);
  415. lua_pop(l, 1);
  417. lua_pushstring(l, "SCRIPT_NAME");
  418. lua_rawget(l, LUA_REGISTRYINDEX);
  419. char *name = lua_touserdata(l, 1);
  420. lua_pop(l, 1);
  422. return LF_fileload(l, name, scriptpath);
  423. }
  426. // Closes a state
  427. void LF_closestate(lua_State *l)
  428. {
  429. lua_close(l);
  430. }