From 5579fb5240347ddc86987a8aedbae20d8602c4bd Mon Sep 17 00:00:00 2001
From: wolfy852
Date: Wed, 20 Jan 2016 22:35:53 -0600
Subject: [PATCH] Limit file creation/manipulation to luafiles subfolder Also block % in filename strings
---
 src/blua/liolib.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/blua/liolib.c b/src/blua/liolib.c
index 100dbb6c1..ac168ef18 100644
--- a/src/blua/liolib.c
+++ b/src/blua/liolib.c
@@ -17,6 +17,9 @@
 #include "lauxlib.h"
 #include "lualib.h"
+#include "../i_system.h"
+#include "../doomdef.h"
+#include "../m_misc.h"
@@ -173,11 +176,14 @@ static int io_open (lua_State *L) {
 }
 }
 if (strstr(filename, "..") || strchr(filename, ':') || StartsWith(filename, "\\")
- || StartsWith(filename, "/") || !pass)
+ || StartsWith(filename, "/") || strchr(filename, '%') || !pass)
 {
 luaL_error(L,"access denied to %s", filename);
 return pushresult(L,0,filename);
 }
+ I_mkdir("luafiles", 0755);
+ char* destFilename = va("luafiles"PATHSEP"%s", filename);
+ filename = destFilename;
 const char *mode = luaL_optstring(L, 2, "r");
 FILE **pf = newfile(L);
 *pf = fopen(filename, mode);
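Review bot: In the second hunk, the script-supplied `filename` is formatted through `va("luafiles"PATHSEP"%s", filename)` with no length bound on the name anywhere in the visible code. `va()` is defined outside this diff, so this needs confirming: if it formats into a fixed-size shared buffer, an over-long name from a Lua script can overrun it, and the returned pointer stays valid only until the next `va()` call while `filename` is still used by `fopen` and `pushresult`. I would build the path in a bounded local buffer and reject truncation, e.g. `char dest[LUAFILES_PATH_MAX]; /* placeholder size */` followed by `if (snprintf(dest, sizeof dest, "luafiles" PATHSEP "%s", filename) >= (int)sizeof dest) luaL_error(L, "filename too long");` and then `filename = dest;`. The return value of `I_mkdir("luafiles", 0755)` is also ignored; a short comment that a failure surfaces through the later `fopen` error would make that deliberate. The body of `io_open` starts and ends outside the hunk.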