diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..c7678c7 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,74 @@ +--- +name: Build +on: + - push + +jobs: + build: + name: ${{ matrix.config.name }} + runs-on: ${{ matrix.config.os }} + strategy: + fail-fast: false + matrix: + config: + - name: Windows + os: windows-2019 + arch: x64 + preset-name: windows + artifact-name: windows-x64 + + - name: Linux + os: ubuntu-20.04 + preset-name: linux + artifact-name: linux-x64 + + - name: macOS + os: macos-10.15 + preset-name: macos + artifact-name: macos-x64 + + steps: + - uses: actions/checkout@v2 + with: + submodules: recursive + + - uses: seanmiddleditch/gha-setup-ninja@v3 + + - uses: ilammy/msvc-dev-cmd@v1 + if: startsWith(matrix.config.os, 'windows') + with: + arch: ${{ matrix.config.arch }} + + - uses: ammaraskar/msvc-problem-matcher@master + if: startsWith(matrix.config.os, 'windows') + + - uses: ammaraskar/gcc-problem-matcher@master + if: startsWith(matrix.config.os, 'ubuntu') || startsWith(matrix.config.os, 'macos') + + - name: Configure + run: cmake --preset ${{ matrix.config.preset-name }} + + - name: Build + run: cmake --build --preset ${{ matrix.config.preset-name }} + + - name: Install + run: cmake --build --preset ${{ matrix.config.preset-name }} --target install + + - name: Package + run: cmake --build --preset ${{ matrix.config.preset-name }} --target package + + - name: Upload + uses: actions/upload-artifact@v2 + with: + path: build/install/${{ matrix.config.preset-name }}/**/* + name: ${{ matrix.config.artifact-name }} + + - name: Upload Release + uses: ncipollo/release-action@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + name: tainted-lua ${{ github.ref }} + artifacts: build/${{ matrix.config.preset-name }}/*.tar.xz,build/${{ matrix.config.preset-name }}/*.zip + draft: true + token: ${{ secrets.GITHUB_TOKEN }} + allowUpdates: true diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..4119195 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,31 @@ +# Changelog + +## [Unreleased] + +## [v1] +### Added +- Added basic taint propagation system. +- Added the following security extensions to the base library: + - `forceinsecure()` + - `geterrorhandler()` + - `hooksecurefunc([table,] "name", func)` + - `issecure()` + - `issecurevariable([table,] "variable")` + - `scrub(...)` + - `seterrorhandler(errfunc)` +- Added the following security extensions to the debug library: + - `debug.forcesecure()` +- Added a new hook mask (`"s"`) which is invoked whenever the VM transitions between security states. This occurs after processing of the current instruction. +- Added a debug trap system that allows configuring errors under certain runtime conditions. + - This can be controlled through the `debug.settrapmask("mask")` and `debug.gettrapmask()` functions. + - The `"s"` mask enables integer overflow errors in `string.format` falls for signed format specifiers. + - The `"u"` mask enables integer overflow errors in `string.format` calls for unsigned format specifiers. + - The `"z"` mask enables divide-by-zero errors for division and modulo operations. + - The default trap mask matches that of a live retail client environment and is set to `"s"`. +- Added all string library extensions present in the in-game environment as well as their global aliases. +- Added all table library extensions present in the in-game environment as well as their global aliases. +- Added all math library extensions present in the in-game environment as well as their global aliases. +- Added all global aliases to the OS libary functions as present in the in-game environment. + +[Unreleased]: https://github.com/olivierlacan/keep-a-changelog/compare/v1...HEAD +[v1]: https://github.com/olivierlacan/keep-a-changelog/releases/tag/v1 diff --git a/CMakeLists.txt b/CMakeLists.txt index 2dcb007..54e99b3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -26,7 +26,6 @@ endif() set(CPACK_PACKAGE_VENDOR "Meorawr") set(CPACK_PACKAGE_DESCRIPTION_SUMMARY ${PROJECT_DESCRIPTION}) set(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-v${PROJECT_VERSION}-${LUA_PACKAGE_SYSTEM_NAME}") -set(CPACK_PACKAGE_CHECKSUM "SHA256") set(CPACK_GENERATOR "TXZ;ZIP") set(CPACK_STRIP_FILES ON) diff --git a/CMakePresets.json b/CMakePresets.json index f48a268..f812364 100644 --- a/CMakePresets.json +++ b/CMakePresets.json @@ -25,15 +25,6 @@ "CMAKE_BUILD_TYPE": "Debug" } }, - { - "name": "gcc", - "description": "Preset for configuring a build with GCC", - "hidden": true, - "cacheVariables": { - "CMAKE_C_COMPILER": "gcc", - "CMAKE_C_FLAGS": "-D_GNU_SOURCE -ffast-math -Wall -Wextra" - } - }, { "name": "msvc", "description": "Preset for configuring a build with MSVC", @@ -51,6 +42,24 @@ "value": "x64" } }, + { + "name": "gcc", + "description": "Preset for configuring a build with GCC", + "hidden": true, + "cacheVariables": { + "CMAKE_C_COMPILER": "gcc", + "CMAKE_C_FLAGS": "-D_GNU_SOURCE -ffast-math -Wall -Wextra" + } + }, + { + "name": "clang", + "description": "Preset for configuring a build with Clang", + "hidden": true, + "cacheVariables": { + "CMAKE_C_COMPILER": "clang", + "CMAKE_C_FLAGS": "-D_GNU_SOURCE -ffast-math -Wall -Wextra" + } + }, { "name": "windows", "displayName": "Windows", @@ -77,6 +86,15 @@ "base", "gcc" ] + }, + { + "name": "macos", + "displayName": "macOS", + "description": "Release configuration for macOS (Clang)", + "inherits": [ + "base", + "clang" + ] } ], "buildPresets": [ @@ -140,6 +158,24 @@ "minimal", "linux" ] + }, + { + "name": "macos", + "displayName": "Release", + "description": "Release build for macOS (Clang)", + "configurePreset": "macos", + "inherits": [ + "base" + ] + }, + { + "name": "macos-minimal", + "displayName": "Minimal", + "description": "Minimal release build for macOS (Clang)", + "inherits": [ + "minimal", + "macos" + ] } ] }