 |
Automated updating of API pages at this location, to reflect patch changes, has ceased from 10.1.7 onwards. |
Calls a function for each pair within a table without propagating taint to the caller.
secureexecuterange(tbl, func, ...)
Arguments
- tbl
- table - The table to be traversed.
- func
- function - The function to be called for each pair.
- ...
- Additional arguments to supply to the invoked function.
Details
- The supplied function will be called with the key and value of each pair within the table as the first two arguments, followed by any additional user-supplied arguments.
- Execution of the supplied function will be tainted in the following scenarios:
- If the initial state of execution was insecure.
- If the table pair currently being processed was insecurely inserted.
- If the supplied function was created by insecure code.
- If execution is tainted during the processing of a single pair, the taint does not propagate to the processing of any remaining pairs within the supplied table.
- Errors that occur during the execution of the supplied function are routed directly to the global error handler, and do not propagate to the caller. Additionally, errors do not prevent the function from being called for all remaining pairs within the supplied table so as to prevent insecure code from potentially changing the flow of execution.
Example Implementation
The implementation of this function would, if not provided natively by the client, be effectively similar to the snippet below. This example aims to better demonstrate how error handling and taint is processed with regards to individual pairs within the table.
local function secureexecutenext(tbl, prev, func, ...)
local key, value = next(tbl, prev)
if key ~= nil then
xpcall(func, CallErrorHandler, key, value, ...)
end
return key
end
function secureexecuterange(tbl, func, ...)
local key = nil
repeat
key = securecallfunction(secureexecutenext, tbl, key, func, ...)
until key == nil
end
Patch changes
Patch 9.1.5 (2021-11-02): Added.
| |||||||||||||||||