From e52f762861565ea38d9fbd35d0fbcddb31861f1f Mon Sep 17 00:00:00 2001 From: Oiltanker Date: Sun, 17 Apr 2022 19:26:54 +0300 Subject: [PATCH] safer HookMethod and more sandboxed cs mods --- .../BarotraumaShared/SharedSource/LuaCs/Cs/CsScriptFilter.cs | 4 +++- Barotrauma/BarotraumaShared/SharedSource/LuaCs/LuaCsHook.cs | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Barotrauma/BarotraumaShared/SharedSource/LuaCs/Cs/CsScriptFilter.cs b/Barotrauma/BarotraumaShared/SharedSource/LuaCs/Cs/CsScriptFilter.cs index bd2e74693..f06e48083 100644 --- a/Barotrauma/BarotraumaShared/SharedSource/LuaCs/Cs/CsScriptFilter.cs +++ b/Barotrauma/BarotraumaShared/SharedSource/LuaCs/Cs/CsScriptFilter.cs @@ -34,8 +34,10 @@ namespace Barotrauma { }; private static readonly string[] typesProhibited = new string[] { //"System.Reflection", + //"System.Type", "System.IO", - "Moonsharp" + "Moonsharp", + "Barotrauma.IO", }; public static bool IsTypeAllowed(string name) { diff --git a/Barotrauma/BarotraumaShared/SharedSource/LuaCs/LuaCsHook.cs b/Barotrauma/BarotraumaShared/SharedSource/LuaCs/LuaCsHook.cs index 321016fe7..ecaad266b 100644 --- a/Barotrauma/BarotraumaShared/SharedSource/LuaCs/LuaCsHook.cs +++ b/Barotrauma/BarotraumaShared/SharedSource/LuaCs/LuaCsHook.cs @@ -215,9 +215,14 @@ namespace Barotrauma return methodInfo; } + private static readonly string[] prohibitedHooks = { + "Barotrauma.Lua", + "Barotrauma.Cs" + }; public void HookMethod(string identifier, MethodInfo method, LuaCsPatch patch, HookMethodType hookType = HookMethodType.Before, ACsMod owner = null) { if (identifier == null || method == null || patch == null) throw new ArgumentNullException("Identifier, Method and Patch arguments must not be null."); + if (prohibitedHooks.Any(h => method.DeclaringType.FullName.StartsWith(h))) throw new ArgumentException("Hooks into Modding Environment are prohibited."); var funcAddr = ((long)method.MethodHandle.GetFunctionPointer()); var patches = Harmony.GetPatchInfo(method);