Server freeze exploits

[raymoo]

Checkboxes provided to measure fix progress

• The following program will freeze the server:

while(true)do end

• This will too:

while{}do end

• So will the following:

while (function(f) return f(f) end)(function(f) return f(f) end) do print("a") end

• Here is another:

meme = "function"
while true do end
meme = ")"

• Another:

while true do
  pcall(function() while true do end end)
end

• More:

_G["increase_c" .. "counter"] = listen_msg
while true do end

Suggested fixes:

• Stop trying to limit execution by inserting your own function calls, instead use an instruction count debug hook.
• Remove pcall from the bot environment, or replace it with a "safe" version that will not allow the user to catch the "too much execution" errors.

These would fix all of the listed exploits/bugs

[ac-minetest]

fixed most of problems.
im aware of hooks, i just dont want to use them cause:

1. i like to use luajit
2. is fun solving challenges you provide. Keep them coming :)

[raymoo]

You did not fix the third freeze. Please reopen this issue since you have not actually resolved it.

[raymoo]

Also, you would only need to disable luaJIT for the user-provided function, not the whole game. Since you are only allowing 32 loops/recursions, luaJIT will not make an appreciable performance difference.