cdramey
/
lua-fastcgi
Archived
1
0
Fork 0
Code Releases Activity
a sandboxed Lua backend for FastCGI
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
2 Commits
1 Branch
0 Tags
46 KiB
Tree: 95e1a981ab
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '95e1a981ab'
${ noResults }
lua-fastcgi/src/lua.c

366 lines
7.7 KiB
Raw Normal View History

Squash merge into master branch
12 years ago
  1. #include <stdlib.h>
  2. #include <stdint.h>
  3. #include <string.h>
  4. #include <unistd.h>
  5. #include <ctype.h>
  6. #include <fcntl.h>
  7. #include <errno.h>
  8. #include <sys/time.h>
  9. #include <sys/resource.h>
  11. #include <fcgiapp.h>
  13. #include <lua5.1/lua.h>
  14. #include <lua5.1/lauxlib.h>
  15. #include <lua5.1/lualib.h>
  17. #include "lua.h"
  18. #include "lfuncs.h"
  20. #define LF_BUFFERSIZE 4096
  22. typedef struct {
  23. int fd;
  24. char buffer[LF_BUFFERSIZE];
  25. size_t total;
  26. } LF_loaderdata;
  29. #ifdef DEBUG
  30. void LF_printstack(lua_State *l)
  31. {
  32. int ss = lua_gettop(l);
  33. printf("Lua Stack:\n");
  34. for(int i=1; i <= ss; i++){
  35. printf("\t%d) %s\n", i, lua_typename(l, lua_type(l, i)));
  36. }
  37. }
  38. #endif
  41. // Gets current thread usage
  42. static int LF_threadusage(struct timeval *tv)
  43. {
  44. struct rusage usage;
  45. if(getrusage(RUSAGE_SELF, &usage) == -1){
  46. return 1;
  47. }
  49. // Add user to sys to get actual usage
  50. tv->tv_usec = usage.ru_utime.tv_usec + usage.ru_stime.tv_usec;
  51. tv->tv_sec = usage.ru_utime.tv_sec + usage.ru_stime.tv_sec;
  53. if(tv->tv_usec > 1000000){
  54. tv->tv_usec -= 1000000;
  55. tv->tv_sec++;
  56. }
  57. return 0;
  58. }
  61. // limits cpu usage
  62. static void LF_limit_hook(lua_State *l, lua_Debug *d)
  63. {
  64. lua_pushstring(l, "CPU_LIMIT");
  65. lua_rawget(l, LUA_REGISTRYINDEX);
  66. struct timeval *limit = lua_touserdata(l, -1);
  67. lua_pop(l, 1);
  69. struct timeval tv;
  70. if(LF_threadusage(&tv)){ luaL_error(l, "CPU usage sample error"); }
  71. if(timercmp(&tv, limit, >)){ luaL_error(l, "CPU limit exceeded"); }
  72. }
  75. // removes global variables
  76. static void LF_nilglobal(lua_State *l, char *var)
  77. {
  78. lua_pushnil(l);
  79. lua_setglobal(l, var);
  80. }
  83. // Limited memory allocator
  84. static void *LF_limit_alloc(void *ud, void *ptr, size_t osize, size_t nsize)
  85. {
  86. size_t *limit = ud;
  88. *limit += osize;
  90. if(nsize == 0){
  91. free(ptr);
  92. return NULL;
  93. } else {
  94. if(*limit < nsize){ return NULL; }
  95. *limit -= nsize;
  97. return realloc(ptr, nsize);
  98. }
  99. }
  102. // Allocates and initializes a new set of limits for a lua state
  103. LF_limits *LF_newlimits()
  104. {
  105. LF_limits *limits = malloc(sizeof(LF_limits));
  106. if(limits == NULL){ return NULL; }
  108. memset(limits, 0, sizeof(LF_limits));
  109. return limits;
  110. }
  113. void LF_setlimits(LF_limits *limits, size_t memory, size_t output, uint32_t cpu_sec, uint32_t cpu_usec)
  114. {
  115. limits->memory = memory;
  116. limits->output = output;
  117. limits->cpu.tv_usec = cpu_usec;
  118. limits->cpu.tv_sec = cpu_sec;
  119. }
  123. void LF_enablelimits(lua_State *l, LF_limits *limits)
  124. {
  125. if(limits->cpu.tv_usec > 0 || limits->cpu.tv_sec > 0){
  126. struct timeval curr;
  127. if(LF_threadusage(&curr)){
  128. printf("CPU usage sample error\n"); // FIX ME
  129. } else {
  130. timeradd(&limits->cpu, &curr, &limits->cpu);
  131. lua_sethook(l, &LF_limit_hook, LUA_MASKCOUNT, 1000);
  132. }
  134. lua_pushstring(l, "CPU_LIMIT");
  135. lua_pushlightuserdata(l, &limits->cpu);
  136. lua_rawset(l, LUA_REGISTRYINDEX);
  137. }
  139. if(limits->output){
  140. lua_pushstring(l, "RESPONSE_LIMIT");
  141. lua_pushlightuserdata(l, &limits->output);
  142. lua_rawset(l, LUA_REGISTRYINDEX);
  143. }
  145. if(limits->memory){ lua_setallocf(l, &LF_limit_alloc, &limits->memory); }
  146. }
  149. // Initialize a new lua state using specific parameters
  150. lua_State *LF_newstate(int sandbox, char *content_type)
  151. {
  152. lua_State *l = luaL_newstate();
  153. if(l == NULL){ return NULL; }
  155. // Load base
  156. lua_pushcfunction(l, luaopen_base);
  157. lua_pushliteral(l, "");
  158. lua_call(l, 1, 0);
  160. if(sandbox){
  161. // Load table
  162. lua_pushcfunction(l, luaopen_table);
  163. lua_pushliteral(l, LUA_TABLIBNAME);
  164. lua_call(l, 1, 0);
  166. // Load string
  167. lua_pushcfunction(l, luaopen_string);
  168. lua_pushliteral(l, LUA_STRLIBNAME);
  169. lua_call(l, 1, 0);
  171. // Load math
  172. lua_pushcfunction(l, luaopen_math);
  173. lua_pushliteral(l, LUA_MATHLIBNAME);
  174. lua_call(l, 1, 0);
  176. // Nil out unsafe functions/objects
  177. LF_nilglobal(l, "dofile");
  178. LF_nilglobal(l, "load");
  179. LF_nilglobal(l, "loadfile");
  180. LF_nilglobal(l, "xpcall");
  181. LF_nilglobal(l, "pcall");
  182. LF_nilglobal(l, "module");
  183. LF_nilglobal(l, "require");
  184. }
  186. // Register the print function
  187. lua_register(l, "print", &LF_print);
  188. // Register the write function
  189. lua_register(l, "write", &LF_write);
  191. // Setup the "HEADER" value
  192. lua_newtable(l);
  194. lua_pushstring(l, "Content-Type");
  195. lua_pushstring(l, content_type);
  196. lua_rawset(l, 1);
  198. lua_setglobal(l, "HEADER");
  200. return l;
  201. }
  204. // Set GET variables
  205. static void LF_parsequerystring(lua_State *l, char *query_string)
  206. {
  207. lua_newtable(l);
  209. int stack = lua_gettop(l);
  211. char *sptr, *optr, *nptr;
  212. for(nptr = optr = sptr = &query_string[0]; 1; optr++){
  213. switch(*optr){
  214. case '+':
  215. *nptr++ = ' ';
  216. break;
  218. case '=':
  219. // Push a key, if it's valid and there's not already one
  220. if(lua_gettop(l) == stack){
  221. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  222. sptr = nptr;
  223. } else {
  224. *nptr++ = '=';
  225. }
  226. break;
  228. case '&':
  229. // Push key or value if valid
  230. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  232. // Push value, if there is already a key
  233. if(lua_gettop(l) == (stack+1)){ lua_pushstring(l, ""); }
  235. // Set key/value if they exist
  236. if(lua_gettop(l) == (stack+2)){ lua_rawset(l, stack); }
  238. sptr = nptr;
  239. break;
  241. case '%': {
  242. // Decode hex percent encoded sets, if valid
  243. char c1 = *(optr+1), c2 = *(optr+2);
  244. if(isxdigit(c1) && isxdigit(c2)){
  245. char digit = 16 * (c1 >= 'A' ? (c1 & 0xdf) - '7' : (c1 - '0'));
  246. digit += (c2 >= 'A' ? (c2 & 0xdf) - '7' : (c2 - '0'));
  247. *nptr++ = digit;
  248. optr += 2;
  249. } else {
  250. *nptr++ = '%';
  251. }
  252. } break;
  254. case '\0':
  255. // Push key or value if valid
  256. if((nptr-sptr) > 0){ lua_pushlstring(l, sptr, (nptr - sptr)); }
  258. // Push value, if needed
  259. if(lua_gettop(l) == (stack+1)){ lua_pushstring(l, ""); }
  261. // Set key/value if valid
  262. if(lua_gettop(l) == (stack+2)){ lua_rawset(l, stack); }
  264. // Finally, set the table
  265. lua_setglobal(l, "GET");
  266. return;
  267. break;
  269. default:
  270. *nptr++ = *optr;
  271. break;
  272. }
  273. }
  274. }
  277. // Parses fastcgi request
  278. void LF_parserequest(lua_State *l, FCGX_Request *request, LF_response *response)
  279. {
  280. lua_newtable(l);
  281. for(char **p = request->envp; *p; ++p){
  282. char *vptr = strchr(*p, '=');
  283. int keylen = (vptr - *p);
  285. lua_pushlstring(l, *p, keylen); // Push Key
  286. lua_pushstring(l, (vptr+1)); // Push Value
  287. lua_rawset(l, 1); // Set key/value into table
  289. if(keylen == 12 && memcmp(*p, "QUERY_STRING", 12) == 0){
  290. LF_parsequerystring(l, (vptr+1));
  291. }
  292. }
  293. lua_setglobal(l, "REQUEST");
  295. response->committed = 0;
  296. response->out = request->out;
  297. lua_pushstring(l, "RESPONSE");
  298. lua_pushlightuserdata(l, response);
  299. lua_rawset(l, LUA_REGISTRYINDEX);
  300. }
  303. static const char *LF_filereader(lua_State *l, void *data, size_t *size)
  304. {
  305. LF_loaderdata *ld = data;
  307. *size = read(ld->fd, ld->buffer, LF_BUFFERSIZE);
  309. if(ld->total == 0 && *size > 3){
  310. if(memcmp(ld->buffer, LUA_SIGNATURE, 4) == 0){
  311. luaL_error(l, "Compiled bytecode not supported.");
  312. }
  313. }
  315. switch(*size){
  316. case 0: return NULL;
  317. case -1: luaL_error(l, strerror(errno));
  318. default:
  319. ld->total += *size;
  320. return ld->buffer;
  321. }
  322. }
  325. // Loads a lua file into a state
  326. int LF_loadfile(lua_State *l)
  327. {
  328. lua_getglobal(l, "REQUEST");
  330. int stack = lua_gettop(l);
  332. lua_pushstring(l, "SCRIPT_FILENAME");
  333. lua_rawget(l, stack);
  334. const char *path = lua_tostring(l, stack+1);
  336. lua_pushstring(l, "SCRIPT_NAME");
  337. lua_rawget(l, stack);
  338. const char *name = lua_tostring(l, stack+2);
  340. LF_loaderdata ld;
  341. ld.total = 0;
  342. ld.fd = open(path, O_RDONLY);
  343. if(ld.fd == -1){
  344. lua_pushstring(l, strerror(errno));
  345. return errno;
  346. }
  348. // Generate a string with an '=' followed by the script name
  349. // this ensures lua will generation a reasonable error
  350. size_t len = strlen(name) + 1;
  351. char scriptname[len + 1];
  352. scriptname[0] = '=';
  353. memcpy(&scriptname[1], name, len);
  355. int r = lua_load(l, &LF_filereader, &ld, scriptname);
  357. close(ld.fd);
  358. return (r == 0 ? 0 : ENOMSG);
  359. }
  362. // Closes a state
  363. void LF_closestate(lua_State *l)
  364. {
  365. lua_close(l);
  366. }