Merge pull request #25 from Open-SB/kill-misbehaving-client-scripts

Kill misbehaving client scripts via an interrupt hook

Author: techs-sus

modules/client/wm/sandbox/init.luau

@@ -1,12 +1,22 @@
 local game = game
 local setmetatable = setmetatable
+local os = os
 
 local Log = require("@shared/log")
 local Environment = require("@self/environment")
 local VM = require("@self/vm")
 local Rules = require("@self/rules")
+local Errors = require("@shared/errors")
 
 local Players = game:GetService("Players")
+local RunService = game:GetService("RunService")
+
+local lastSteppedStart = 0
+local SCRIPT_TIMEOUT = 0.1
+
+RunService.Stepped:Connect(function()
+	lastSteppedStart = os.clock()
+end)
 
 local localPlayer = Players.LocalPlayer
 
@@ -90,7 +100,16 @@ function Module.new(owner: Player, bytecode: buffer, script: BaseScript?): sandb
 		scriptLookup[script] = sandbox
 	end
 
-	local main, luau_close = VM.luau_load(bytecode, sandbox)
+	local main, luau_close = VM.luau_load(bytecode, sandbox, @native function()
+		if os.clock() - lastSteppedStart >= SCRIPT_TIMEOUT then
+			-- calls sandbox.Terminator (luau_close), then cleans up sandbox
+			Module.terminate(sandbox, true)
+			error(Errors.scriptTimeout(SCRIPT_TIMEOUT), 2)
+		end
+
+		return nil
+	end)
+
 	sandbox.Terminator = luau_close
 
 	return sandbox, main

modules/client/wm/sandbox/vm.luau

@@ -541,7 +541,7 @@ local function luau_deserialize(bytecode)
 end
 
 local vmStart = debug_info(function() end, "l")
-local function luau_load(module, sandbox)
+local function luau_load(module, sandbox, interruptHook: () -> ())
 	if type(module) ~= "table" then
 		module = luau_deserialize(module)
 	end
@@ -561,7 +561,7 @@ local function luau_load(module, sandbox)
 	local function luau_wrapclosure(module, proto, upvals, _env)
 		local info = { proto = proto, sandbox = sandbox }
 
-		-- TODO: @native
+		@native
 		local function luau_execute(...)
 			local runningInfo = { thread = coroutine_running(), pc = 0, closureInfo = info }
 			info.running = runningInfo
@@ -735,6 +735,8 @@ local function luau_load(module, sandbox)
 
 					stack[A] = sb[inst.K]
 				elseif op == 21 then --[[ CALL ]]
+					interruptHook()
+
 					local A, B, C = inst.A, inst.B, inst.C
 
 					local func = stack[A]
@@ -752,13 +754,17 @@ local function luau_load(module, sandbox)
 
 					table_move(ret_list, 1, ret_num, A, stack)
 				elseif op == 22 then --[[ RETURN ]]
+					interruptHook()
+
 					local A = inst.A
 					local B = inst.B
 
 					return table_unpack(stack, A, A + if B - 1 == LUA_MULTRET then top - A else (B - 2))
 				elseif op == 23 then --[[ JUMP ]]
 					pc += inst.D
 				elseif op == 24 then --[[ JUMPBACK ]]
+					interruptHook()
+
 					-- selene: allow(if_same_then_else)
 					pc += inst.D
 				elseif op == 25 then --[[ JUMPIF ]]
@@ -919,6 +925,8 @@ local function luau_load(module, sandbox)
 						end
 					end
 				elseif op == 57 then --[[ FORNLOOP ]]
+					interruptHook()
+
 					local A = inst.A
 					local step = stack[A + 1]
 					local index = stack[A + 2] + step
@@ -935,6 +943,8 @@ local function luau_load(module, sandbox)
 						end
 					end
 				elseif op == 58 then --[[ FORGLOOP ]]
+					interruptHook()
+
 					local A = inst.A
 
 					top = A + 6
@@ -1027,6 +1037,8 @@ local function luau_load(module, sandbox)
 
 					pc += 1 --// adjust for aux
 				elseif op == 67 then --[[ JUMPX ]]
+					interruptHook()
+
 					pc += inst.E
 				elseif op == 68 then --[[ FASTCALL ]]
 					--[[ Skipped ]]

modules/shared/errors.luau

@@ -48,4 +48,8 @@ function Errors.connectNonFunction(): string
 	return `Attempt to connect failed: Passed value is not a function`
 end
 
+function Errors.scriptTimeout(allowedExecutionTime: number): string
+	return `Script timeout: exhausted allowed execution time ({allowedExecutionTime})`
+end
+
 return table.freeze(Errors)