scons/lua.py makes use of the vestigial luadir option from commit
e94dcecf171.
Like FindLua.cmake, scons/lua.py searches for the Lua headers and
library, instead of using pkg-config like the old scons/lua.py (removed
in commit 9929d3ca1cf) did, because even though distributions typically
provide .pc files for Lua, upstream Lua doesn't. It's likely that all
distributions that compile Lua as a C++ library will also provide .pc
files, but this check doesn't rely on that (just as the CMake module
doesn't).
Unfortunately, SCons.Conftest.CheckLib() prints up to eight messages
like "Checking for C++ library lua54-c++... no" until a working library
name is found.
Also conditionally include system Lua headers in src/lua/*.h and update
documentation in src/modules/lua_README.md, src/wesnoth_lua_config.h,
and src/wesnoth_lua_config.md. The two lines about "The primary commit,
after replacing the sources," in src/wesnoth_lua_config.md don't make
sense since the instructions were updated for submodule Lua in commit
d32cfb88c4f and make even less sense now with preceding commits for
updating CMake modules.
These will be changed to conditionally include system Lua headers,
e.g. "lua.h", instead of submodule Lua headers, e.g. "module/lua/lua.h".
If a header named "lua.h" includes "lua.h", the build will fail due to
recursion.
This can't be solved using angle brackets to include system headers,
because macOS builds won't find them:
In file included from /Users/runner/work/wesnoth/wesnoth/src/ai/registry.cpp:30:
In file included from /Users/runner/work/wesnoth/wesnoth/src/ai/composite/aspect.hpp:24:
In file included from /Users/runner/work/wesnoth/wesnoth/src/ai/lua/lua_object.hpp:25:
/Users/runner/work/wesnoth/wesnoth/src/lua/lua.h:4:14: error: 'lua.h' file not found with <angled> include; use "quotes" instead
#include <lua.h>
^~~~~~~
"lua.h"
Renamed with (requires GNU sed):
$ for f in src/lua/*.h; do
> git mv "${f}" "src/lua/wrapper_${f#src/lua/}";
> done
$ git grep -El -- '#[ \t]*include[ \t]+"lua/[^"]+[.]h"' src | \
> xargs sed -Ei -- '
> s|(#[ \t]*include[ \t]+"lua/)(lua[.]h")( )?|\1wrapper_\2|;
> s|(#[ \t]*include[ \t]+"lua/)(lualib[.]h")( )?|\1wrapper_\2|;
> s|(#[ \t]*include[ \t]+"lua/)(lauxlib[.]h")( )?|\1wrapper_\2|;
> '
The change to static_cast for the definition of LUAL_BUFFERSIZE replaces the fix previously used (d0100758f855ec0d8f30dff41e8a8b6ff2d45fda) for Lua 5.3. 5.4 removes the static alternative for LUAL_BUFFERSIZE. A better solution would probably be to disable the old-style-cast warning for luaconf.h, but I can't figure out how to do that, so using static_cast is the easiest solution. Do note that this change will have to be applied on each Lua update, like the aforementioned commit.
Monkey-patching has multiple problems. The biggest problem for a security
fix like this is that it's way too easy to forget to re-apply when we
update Lua to a newer version.
Instead, we now have the implementation of load() under our control and can
update Lua without risk of reintroducing CVE-2018-1999023.
(cherry-picked from commit 52ae31efb21b31f5bb0763d1da24709e90393c59)
This could otherwise be used to escape the Lua sandbox, as described in
multiple sources. For example, one can use it to re-enable the os.execute
function to do shell commands.
The affected functions were
load, loadstring, wesnoth.dofile, wesnoth.require and various places in the
Wesnoth source where Lua chunks were loaded, for example by the AI code.
This commit also changes the Lua source to change Lua's load (which is
the same as loadstring); alternatively we could add a wrapper around the
original load function that always passes "t" as third parameter. I went
this way mostly because it was easier to implement, but also because I
was not 100% sure that it is impossible to query the upvalues of a
function via Lua (Wesnoth disables debug.getupvalue, but still).
There is also an occurrence in the application_lua_kernel that was not fixed
because I assumed that UMC cannot contain application Lua scripts.
As a further security measure we might want to disable printing the function
address in Lua's tostring for C functions; this cannot be exploited by itself
but it can be used to defeat ASLR in some cases.
(cherry-picked from commit 2554c166dd45bfdee8ee24431224bd25e52bab12)
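The text-only policy from the two commit messages above ("t" as the mode for every untrusted chunk), as an added example that is not Wesnoth's or Lua's own code. All function names are hypothetical; it assumes the stock Lua loader rules: a precompiled chunk starts with the ESC byte of LUA_SIGNATURE, and the file loader skips a UTF-8 BOM and a first line starting with '#' before looking at that byte.

```c
#include <stddef.h>
#include <string.h>

/* First byte of Lua's LUA_SIGNATURE ("\x1bLua"); it marks a precompiled chunk. */
#define LUA_BINARY_MARK 0x1b

/* Chunk handed over as a string/buffer: the very first byte decides. */
int is_binary_buffer(const unsigned char *buf, size_t len)
{
    return len > 0 && buf[0] == LUA_BINARY_MARK;
}

/* Chunk read from a file: an optional UTF-8 BOM and an optional first line
 * starting with '#' are skipped before the deciding byte is examined, so a
 * first-byte test alone misses a binary chunk placed behind a "#!" line. */
int is_binary_file(const unsigned char *buf, size_t len)
{
    size_t i = 0;
    if (len >= 3 && memcmp(buf, "\xEF\xBB\xBF", 3) == 0)
        i = 3;                                  /* skip the BOM */
    if (i < len && buf[i] == '#') {             /* skip the comment line */
        while (i < len && buf[i] != '\n')
            i++;
        if (i < len)
            i++;                                /* skip the newline itself */
    }
    return is_binary_buffer(buf + i, len - i);
}

/* Mode check in the style of load()'s third argument: "t", "b" or "bt".
 * Returns 1 when a chunk of this kind may be loaded under the given mode. */
int mode_allows(const char *mode, int is_binary)
{
    return strchr(mode, is_binary ? 'b' : 't') != NULL;
}

/* Policy from the commit message: untrusted chunks are always loaded as "t". */
int sandbox_accepts_file(const unsigned char *buf, size_t len)
{
    return mode_allows("t", is_binary_file(buf, len));
}
```
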
In Lua 5.3.3, LUAL_BUFFERSIZE always equaled the constant since LUA_FLOAT_LONGDOUBLE was always defined.
This check changed in 5.3.4 and the alternate path was being used for LUAL_BUFFERSIZE and triggering
old-style cast warnings in Scons + GCC. Hopefully this gets fixed for 5.3.5.
The following patch constitutes the changes (though they were applied by hand):
*** luaconf.h.old 2017-10-09 23:38:22.641645801 -0500
--- luaconf.h 2017-10-09 23:38:56.548577911 -0500
***************
*** 748,758 ****
** smaller buffer would force a memory allocation for each call to
** 'string.format'.)
*/
- #if LUA_FLOAT_TYPE == LUA_FLOAT_LONGDOUBLE
#define LUAL_BUFFERSIZE 8192
- #else
- #define LUAL_BUFFERSIZE ((int)(0x80 * sizeof(void*) * sizeof(lua_Integer)))
- #endif
/* }================================================================== */
--- 748,754 ----
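Review bot: The unconditional `#define LUAL_BUFFERSIZE 8192` that remains after the `#if`/`#else`/`#endif` lines are removed carries no marker that it is a local deviation from the released luaconf.h, so nothing in the file signals that it has to be re-applied when the Lua sources are replaced. Add a short comment beside the define stating that it is a local change made to avoid the `(int)` cast in the removed `#else` branch. Note also that the removed expression `0x80 * sizeof(void*) * sizeof(lua_Integer)` only equals 8192 when both sizes are 8, so on other targets this hunk changes the buffer size as well as the cast; say in the comment whether that is intended.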
Dead keys with nil values can stay in weak tables.
reported by 云风 Cloud Wu on 15 Aug 2017. existed since 5.2.
Example:
See https://www.lua.org/bugs.html#5.3.4-5.
Lua does not check GC when creating error messages.
reported by Viacheslav Usov on 06 Jul 2017. existed since 5.3.2.
Example:
See https://www.lua.org/bugs.html#5.3.4-4.
Wrong code generated for a 'goto' followed by a label inside an 'if'.
reported by 云风 on 13 Apr 2017. existed since 5.2.
Example:
See https://www.lua.org/bugs.html#5.3.4-1.
* Use separate files to build scons and to build lua for cmake
Move lists of source files into their own directory
Make scons use the lists of source files
Move lua build step to src/SConscript and delete src/lua/SConscript
Make cmake use the separate file with the list of lua sources to build
* Finish changing over to source lists
scons
move source files from libraries that don't appear in cmake over to existing source lists - libcampaignd, libcutter, libdummy_video, libtest_utils
add the defines FIFODIR and WESNOTH_PATH to all compiled source files, as cmake does, and move the single files those defines had previously been defined on into the source lists
remove WESNOTH_PREFIX, as not used
added schema_validator sources from cmake
added OBJPREFIX to - cutter, exploder, campaignd, schema_generator, schema_validator
cmake
change over to using the source lists
move source files from libraries that don't appear in scons over to existing source lists - wesnoth-gui_types, wesnoth-gui_event, wesnoth-gui_iterator, wesnoth-gui_placer, wesnoth-gui_tooltip, wesnoth-gui_widget, wesnoth-gui_widget_definition, wesnoth-gui1_widgets, wesnoth-schema_validator
Check if LTO is enabled
Add LTO flag
Added a flag to enable/disable LTO. Also pass optimization options to the linker, since older versions of gcc may not automatically use the same options for linking and compiling, and it seems likely clang doesn't do this either.
m3
Checking a format for os.date may read past the format string.
reported by Nagaev Boris on 10 Jul 2016. existed since 5.3.3.
Example:
This bug does not seem to happen with regular compilers. It needs an "interceptor" 'memcmp' function that continues reading memory after a difference is found.
Expression list with four or more expressions in a 'for' loop can crash the interpreter.
reported by Marco Schöpl on 17 Jun 2016. existed since 5.2.
Example:
-- the next loop will probably crash the interpreter
repeat until load "for _ in _,_,_,_ do local function _() end"
luaconf.h provides a place for us to make changes, avoiding the need to change the original definitions. Move everything down there. This encompasses the following changes:
1) Disable compatibility with old versions of Lua in the C++. Compatibility is maintained only for the Lua runtime. Only one correction was needed: in application_lua_kernel.cpp
2) Change how the backpointer is defined, for forward compatibility with Lua 5.3. This affected only one line: in lua_kernel_base.cpp. Using the Lua 5.3 macro caused a GCC warning, suppressed it for that line.
3) Certain Windows-only features are no longer available in the Lua runtime. These features are all in the Lua io module, which we don't allow access to, so this is a non-change for the runtime.
4) Lua will behave as if it is a standard C environment. This, again, mainly affects the Windows environment and features we don't allow access to in the runtime.
Rather than change the source, if the problem still exists, use a compiler flag to suppress the messages.
This reverts the commit
commit 12a7a5a1e0fee21e0c88042c6b3c7be1c73f30e3
Author: Mark de Wever <koraq@xs4all.nl>
Date: Sun Oct 6 17:35:11 2013 +0200
Remove unused const variables.
The issue was detected by the upcoming Clang 3.4.
Do not change the released Lua source code. Lua is written as standard C, but we compile it as C++ so we can use exceptions. Change the call sites to avoid the warnings about using a C cast instead of static_cast<int>().
NB: The changes to Wesnoth C++ code will be required to upgrade to Lua 5.3, anyway.
This reverts:
commit cee3ab208401a439e15004b79b4fa5c5bf9a9e5a
Author: Mark de Wever <koraq@xs4all.nl>
Date: Sun Feb 5 19:55:32 2012 +0000
Fix compiler warnings.
Lua, as released, has the correct definition of PI for 'double' (64-bit) floats. It is as precise as possible. If the Boost 128- or 256-bit definitions produce a different value than what Lua provides either (1) we're no longer on 64-bit double floats, (2) there is a typo in Boost, or (3) there is a bug in your compiler.
This reverts the Lua portion of the following commit:
commit f5e673e6443220c57e40cea31d430870b4f73925
Author: fendrin <fabianmueller5@gmx.de>
Date: Thu Sep 19 01:06:23 2013 +0200
Replace all kinds of the constant pi representations.
Replaces every appearance of the circle constant pi I could find with
the representation from boost/math/constants/constants.hpp.
Revert this commit. There was no off-by-one but this commit created one.
commit 299a29f99a84767731dbadd540712d1a37e5e10d
Author: Alexander van Gessel <ai0867@gmail.com>
Date: Mon Dec 2 17:55:02 2013 +0100
Fix an off-by-one past-the-end buffer read in lua
Found by coverity
Lua deprecated luaL_typerror. Wesnoth needs it. Traditionally this was handled as a by-hand edit to the Lua source kit. Refactored into Wesnoth as luaW_type_error.
This adds -Wold-style-cast to the CCFLAGS when compiling everything
but lua. Lua requires an exception from the flags and there's thus a
workaround added.
This removes all legacy SDL1.2 code. It was done by invoking:
coan source --replace --no-transients -D"SDL_VERSION_ATLEAST(X, Y, Z)"=1 <file>
on each file.