Commit Graph

142 Commits

Author SHA1 Message Date
wm4 4bdf03779f lua: fix typo in comment 2020-02-06 23:02:23 +01:00
wm4 7c5c057717 lua: use mp_path_is_absolute() for checking package paths
This makes it work with the shitty OS. Behavior on Linux should be the
same.
2020-02-06 14:15:31 +01:00
wm4 cce7062a8a lua: fix highly security relevant arbitrary code execution bug
It appears Lua's package paths try to load .lua files from the current
working directory. Not only that, but also shared libraries.

  WHAT THE FUCK IS WHOEVER IS RESPONSIBLE FOR THIS FUCKING DOING?

mpv isn't setting this package path; currently it's only extending it.
In any sane world, this wouldn't be a default. Most programs use
essentially random working directories and don't change it.

I cannot comprehend what bullshit about "convenience" or whatever made
them do something this broken and dangerous. Thousands of programs using
Lua out there will try to randomly load random code from random
directories.

In mpv's case, this is so security relevant, because mpv is normally
used from the command line, and you will most likely actually change
into your media directory or whatever with the shell, and play a file
from there. No, you don't want to load a (probably downloaded) shared
library from this directory if a script try to load a system lib with
the same name or so.

I'm not sure why LUA_PATH_DEFAULT in luaconf.h (both upstream and the
Debian version) put "./?.lua" at the end, but in any case, trying to
load a module that doesn't exist nicely lists all package paths in
order, and confirms it tries to load files from the working directory
first (anyone can try this). Even if it didn't, this would be
problematic at best.

Note that scripts are _not_ sandboxed. They're allowed to load system
libraries, which is also why we want to keep the non-idiotic parts of
the package paths.

Attempt to fix this by filtering out relative paths. This is a bit
fragile and not very great for something security related, but probably
the best we can do without having to make assumptions about the target
system file system layout. Also, someone else can fix this for Windows.

Also replace ":" with ";" (for the extra path). On a side note, this
extra path addition is just in this function out of laziness, since
I'd rather not have 2 functions with edit the package path.

mpv in default configuration (i.e. no external scripts) is probably not
affected. All builtin scripts only "require" preloaded modules, which,
in a stroke of genius by the Lua developers, are highest priority in the
load order. Otherwise, enjoy your semi-remote code execution bug.

Completely unrelated this, I'm open for scripting languages and
especially implementations which are all around better than Lua, and are
suited for low footprint embedding.
2020-02-06 11:59:24 +01:00
wm4 65cd9efa85 lua: add mp.get_script_directory() function
And add some clarifications/suggestions to the manpage.
2020-02-04 20:40:16 +01:00
wm4 b86bfc907f lua: set package path if loaded from a script directory
And document the shit.

This uses code from commit bc1c024ae0.
2020-02-01 18:43:27 +01:00
wm4 da38caff9c scripting: load scripts from directories
The intention is to provide a slightly nicer way to distribute scripts.
For example, you could put multiple source files into the directory, and
then import them from the actual script file (this is still
unimplemented).

At first I wanted to require a config file (because you need to know at
least which scripting backend it should use). This wouldn't have been
too hard (could have reused/abused the mpv config file parsing
mechanism, and I already had working code that was just 2 function
calls). But probably better to do this without new config files, because
it might become a pain in the distant future.

So this just probes for "main.lua", "main.js", etc., until an existing
file is found.

Another important change is that this skips all directory entries whose
name starts with ".". This automatically excludes the "." and ".."
special directories, and is probably useful to exclude random crap that
might be lying around in the directory (such as editor temporary files,
or OSX, in its usual hrmful, annoying, and idiotic modus operandi,
sharting all over any directories opened by "Finder").

Although the changelog mentions the docs, they're added only in a later
commit.
2020-02-01 18:09:40 +01:00
wm4 bc1c024ae0 lua: stop setting bogus package path
Scripts are not supposed to be able to "import" anything from mpv's
scripts directory, because all these files are loaded by mpv itself.
2020-01-26 15:28:51 +01:00
wm4 11b9315b3f lua: use new OSD property
See previous commit.

A nice side-effect is that mp.get_osd_margins() is not a special
Lua-only thing anymore. I didn't test whether this function still works
as expected, though.
2020-01-08 00:16:58 +01:00
Sai Ke WANG 01de2a9bd5 lua: fix mp.file_info for large files
`size` field with `unsigned int` was truncated to 4GB

Signed-off-by: wm4 <wm4@nowhere>
2019-12-28 14:34:32 +01:00
wm4 0728726251 client API, lua: add new API for setting OSD overlays
Lua scripting has an undocumented mp.set_osd_ass() function, which is
used by osc.lua and console.lua. Apparently, 3rd party scripts also use
this. It's probably time to make this a public API.

The Lua implementation just bypassed the libmpv API. To make it usable
by any type of client, turn it into a command, "osd-overlay".

There's already a "overlay-add". Ignore it (although the manpage admits
guiltiness). I don't really want to deal with that old command. Its main
problem is that it uses global IDs, while I'd like to avoid that scripts
mess with each others overlays (whether that is accidentally or
intentionally). Maybe "overlay-add" can eventually be merged into
"osd-overlay", but I'm too lazy to do that now.

Scripting now uses the commands. There is a helper to manage OSD
overlays. The helper is very "thin"; I only want to force script authors
to use the ID allocation, which may help with putting multiple scripts
into a single .lua file without causing conflicts (basically, avoiding
singletons within a script's environment). The old set_osd_ass() is
emulated with the new API.

The JS scripting wrapper also provides a set_osd_ass() function, which
calls internal mpv API. Comment that part (to keep it compiling), but
I'm leaving it to @avih to finish the change.
2019-12-23 11:44:24 +01:00
James Ross-Gowan b3b2cc44fa console.lua: add this script
Merged from mpv-repl git repo commit 5ea2bf64f9c239f0326b02. Some
changes were made on top of it:

- Tabs were converted to 4 spaces indentation (plus some manual
  indentation fixes in some places).
- All user-visible mentions of "repl" were renamed to "console".
- The README was converted to a manpage (with heavy changes, some
  additions taken from stats.rst; rossy converted the key bindings
  table to RST).
- The method to change the default key binding was changed.
- Change minor detail about "font" default value setting (not a
  functional change).
- Integrate into the player as builtin script, including an option to
  prevent loading it.

Above changes and commit message done by wm4.

Signed-off-by: wm4 <wm4@nowhere>
2019-12-08 02:46:44 +01:00
wm4 8e5642ff68 lua: don't pre-filter log level argument in mp.enable_messages()
This will just make it  not work if mpv_request_log_messages() gets
extended to accept more names. Pass the argument without checking.

To keep the behavior the same (for whatever reasons, probably not
important), still raise an error if the libmpv API function returns an
error that the argument was bad.

(The check_loglevel() function is still used when the script _emits_ log
messages, which is different, and for which there is no API anyway.)
2019-11-18 00:44:54 +01:00
wm4 dbe831bd02 lua: expose mpv_abort_async_command()
Also somewhat cleans up mp.command_native_async() error handling.
2018-05-24 19:56:34 +02:00
wm4 7f91e2684e lua: reimplement mp.subprocess_detached() by invoking the "run" command
The "run" command is old. I'm not sure why the separate Lua
implementation was added. But maybe it as because the "run" command used
to be limited to a small number of arguments. This limit has been
removed a while ago. In any case, the old implementation is not needed
anymore.
2018-05-24 19:56:34 +02:00
wm4 548ef07864 lua: reimplement mp.subprocess() by invoking the new subprocess command
We keep mp.subprocess() with roughly the same semantics for
compatibility with scripts (including the internal ytdl script).

Seems to work with rhe ytdl wrapper. Not tested further.
2018-05-24 19:56:34 +02:00
wm4 159379980e lua: expose async commands
Might be useful for some.
2018-05-24 19:56:34 +02:00
wm4 f60826c3a1
client API: add a first class hook API, and deprecate old API
As it turns out, there are multiple libmpv users who saw a need to
use the hook API. The API is kind of shitty and was never meant to be
actually public (it was mostly a hack for the ytdl script).

Introduce a proper API and deprecate the old one. The old one will
probably continue to work for a few releases, but will be removed
eventually.

There are some slight changes to the old API, but if a user followed
the manual properly, it won't break.

Mostly untested. Appears to work with ytdl_hook.
2018-03-26 23:02:23 -07:00
sfan5 8f9785d128 lua+js: Implement utils.getpid()
Usable for uniquely identifying mpv instances from
subprocesses, controlling mpv with AppleScript, ...

Adds a new mp_getpid() wrapper for cross-platform reasons.
2018-02-13 20:16:01 -08:00
Niklas Haas ba1943ac00 msg: reinterpret a bunch of message levels
I've decided that MP_TRACE means “noisy spam per frame”, whereas
MP_DBG just means “more verbose debugging messages than MSGL_V”.
Basically, MSGL_DBG shouldn't create spam per frame like it currently
does, and MSGL_V should make sense to the end-user and provide mostly
additional informational output.

MP_DBG is basically what I want to make the new default for --log-file,
so the cut-off point for MP_DBG is if we probably want to know if for
debugging purposes but the user most likely doesn't care about on the
terminal.

Also, the debug callbacks for libass and ffmpeg got bumped in their
verbosity levels slightly, because being external components they're a
bit less relevant to mpv debugging, and a bit too over-eager in what
they consider to be relevant information.

I exclusively used the "try it on my machine and remove messages from
MSGL_* until it does what I want it to" approach of refactoring, so
YMMV.
2017-12-15 22:28:47 -08:00
TSaaristo 522bfe5be1 lua+js: implement utils.file_info()
This commit introduces mp.utils.file_info() for querying information
on file paths, implemented for both Lua and Javascript.

The function takes a file path as an argument and returns a Lua table /
JS object upon success. The table/object will contain the values:
mode, size, atime, mtime, ctime and the convenience booleans is_file, is_dir.

On error, the Lua side will return `nil, error` and the Javascript side
will return `undefined` (and mark the last error).

This feature utilizes the already existing cross-platform `mp_stat()`
function.
2017-12-13 21:55:28 +02:00
Julian 92a9150cc2 lua: integrate stats.lua script
Signed-off-by: wm4 <wm4@nowhere>

Rename --stats to --load-stats-overlay and add an entry to options.rst
over the original commit.

Signed-off-by: wm4 <wm4@nowhere>
2017-10-09 20:47:33 +02:00
Hoyon Mak b2f756c80e scripting: expand --script filename for C plugins 2017-06-09 19:42:12 +02:00
Ricardo Constantino 2eab0c779a
lua: increase subprocess stdout limit to 64MB 2017-05-04 17:09:38 +01:00
William Woodruff a4cdd8bb82 lua: close directory after reading its entries
Fixes #4045.
2017-01-17 08:22:13 +01:00
wm4 191cdbd31e scripting: minor logging improvements
Give scripting backends a proper name, instead of calling everything
"scripts".

Log client exit directly in client.c, as that is more general (doesn't
change actual output).
2017-01-14 17:13:50 +01:00
wm4 f30c5d09f4 client API: turn mpv_suspend() and mpv_resume() into stubs
As threatened by the API changes document.

This commit also removes or stubs equivalent calls in IPC and Lua
scripting.

The stubs are left to maintain ABI compatibility. The semantics of the
API functions have been close enough to doing nothing that this probably
won't even break existing API users. Probably.
2016-11-22 15:54:44 +01:00
wm4 cad6fb038b lua: complain loudly if Lua state creation fails
This should normally happen only if memory allocation for the state
happens, which should be extremely rare. But with Luajit on OSX, it can
happen if the magic compiler flags required by Luajit were not passed to
mpv compilation. Print an error to reduce confusion.
2016-09-25 01:00:20 +02:00
wm4 2361ec35aa lua: fix array detection
This was dumb and could return something like "{name=123}" as an array.

Also, fix the error message if a key is not a string. lua_typename()
takes a type directly, not a stack item.
2016-09-24 17:52:36 +02:00
rr- f66f0b34c8 lua: expose subprocess_detached 2016-09-21 12:43:21 +02:00
wm4 bf385e1140 player: kill associated OSD and key bindings when removing a script
The former was done already for Lua scripts, but move it to the generic
code.
2016-09-20 15:44:11 +02:00
wm4 15baf2789c client API: declare mpv_suspend/mpv_resume deprecated
They're useless, and I have no idea what they're actually supposed to do
(wrt. pending input processing changes).

Also remove their implicit uses from the IPC handlers.
2016-09-16 14:39:47 +02:00
wm4 b8ade7c99b player, ao, vo: don't call mp_input_wakeup() directly
Currently, calling mp_input_wakeup() will wake up the core thread (also
called the playloop). This seems odd, but currently the core indeed
calls mp_input_wait() when it has nothing more to do. It's done this way
because MPlayer used input_ctx as central "mainloop".

This is probably going to change. Remove direct calls to this function,
and replace it with mp_wakeup_core() calls. ao and vo are changed to use
opaque callbacks and not use input_ctx for this purpose. Other code
already uses opaque callbacks, or has legitimate reasons to use
input_ctx directly (such as sending actual user input).
2016-09-16 14:37:48 +02:00
wm4 876a3bafc5 osd: cleanup: make OSDTYPE_ constants private to OSD code
No need to have them everywhere. The only exception/annoyance is
MAX_OSD_PARTS, which is now basically duplicated (and at runtime
initialization is checked with an assert()).
2016-03-08 22:01:57 +01:00
wm4 75a36662cb osd, lua: manage multiple ASS overlays set with set_osd_ass() calls
Until now, there was only 1 global ASS overlay that could be set by all
scripts. This was often perceived as bug when multiple scripts tried to
set their own ASS overlay.

This was kind of hard to solve because the script could set its own ASS
PlayResX/Y, which makes it impossible to share a single ASS_Renderer for
multiple scripts. The OSC unfortunately makes use of this feature (and
unfortunately can't be fixed because it's a POS), so we're stuck with
this complication.

Implement the worst-case solution and fix this by creating separate ASS
track and renderer objects for each script that wants to set an ASS
overlay.

The z-order is decided by the order the scripts set their text first.
This is essentially random, unless you do it at script init, and you
pass scripts in a specific order. Script initialization is currently
serialized (as a feature), so the first loaded script gets lowest
Z-order.

The Lua script API interestingly remains the same. (And also will remain
undocumented, unsupported, and potentially volatile.)
2016-03-08 22:00:02 +01:00
wm4 5fa45fb564 osd, lua: remove weird OSD scaling
Do not scale OSD mouse input to the ASS OSD script resolution. The
original idea of this mechanism was that the user doesn't have to care
about the actual resolution of anything, and can just use the OSD
resolution consistently. But this made things worse.

Remove the implicit scaling, and always use the screen resolution.
(Except with --vo=xv, where additional scaling is forced upon
everything.)

Drop get_osd_resolution(). There is no replacement. Rename
get_screen_size() and get_screen_margins() to use "osd" instead of
"screen". For anything but --vo=xv these are equivalent, but with
--vo=xv the OSD resolution has additional implicit scaling.

Add code to osc.lua which emulates the old behavior.

Note that none of the changed functions were public API, so implicit
breakage of scripts which used it is just going to happen.
2016-03-07 22:22:18 +01:00
wm4 8a9b64329c Relicense some non-MPlayer source files to LGPL 2.1 or later
This covers source files which were added in mplayer2 and mpv times
only, and where all code is covered by LGPL relicensing agreements.

There are probably more files to which this applies, but I'm being
conservative here.

A file named ao_sdl.c exists in MPlayer too, but the mpv one is a
complete rewrite, and was added some time after the original ao_sdl.c
was removed. The same applies to vo_sdl.c, for which the SDL2 API is
radically different in addition (MPlayer supports SDL 1.2 only).

common.c contains only code written by me. But common.h is a strange
case: although it originally was named mp_common.h and exists in MPlayer
too, by now it contains only definitions written by uau and me. The
exceptions are the CONTROL_ defines - thus not changing the license of
common.h yet.

codec_tags.c contained once large tables generated from MPlayer's
codecs.conf, but all of these tables were removed.

From demux_playlist.c I'm removing a code fragment from someone who was
not asked; this probably could be done later (see commit 15dccc37).

misc.c is a bit complicated to reason about (it was split off mplayer.c
and thus contains random functions out of this file), but actually all
functions have been added post-MPlayer. Except get_relative_time(),
which was written by uau, but looks similar to 3 different versions of
something similar in each of the Unix/win32/OSX timer source files. I'm
not sure what that means in regards to copyright, so I've just moved it
into another still-GPL source file for now.

screenshot.c once had some minor parts of MPlayer's vf_screenshot.c, but
they're all gone.
2016-01-19 18:36:06 +01:00
Dmitrij D. Czarkoff ea442fa047 mpv_talloc.h: rename from talloc.h
This change helps avoiding conflict with talloc.h from libtalloc.
2016-01-11 21:05:55 +01:00
wm4 7c73f70b89 osd: delay libass initialization as far as possible
Until now, most OSD objects created the associated ASS_Renderer instance
as soon as possible, even if nothing was going to be rendered. Maybe
this was even intentional.

Change this for the sake of lowering resource usage, and strictly
initialize ASS_Renderer only when it's really needed.

For the OSC, initialization has to be forced, because of the insane
mechanism for translating mouse coordinates to OSD coordinates.
2015-09-07 14:26:01 +02:00
wm4 d6c99bcda2 lua: implement input_enable_section/input_disable_section via commands
Removes some more internal API calls from the Lua scripting backend.
Which is good, because ideally the scripting backend would use libmpv
functions only.

One awkwardness is that mouse sections are still not supported by the
public commands (and probably will never), so flags like allow-hide-
cursor make no sense to an outside user.

Also, the way flags are passed to the Lua function changes. But that's
ok, because they're only undocumented internal functions, and not
supposed to be used by script users. osc.lua only does due to historical
reasons.
2015-08-06 00:31:47 +02:00
wm4 9bcc882659 lua: make mp.input_define_section use the define-section command 2015-08-06 00:17:30 +02:00
wm4 03c70a8d81 subprocess, lua: export whether the process was killed by us
We want to distinguish actual errors, and just aborting the program
intentionally.

Also be a bit more careful with handling the wait() exit status: do not
called WEXITSTATUS() without checking WIFEXITED() first.
2015-06-27 21:08:55 +02:00
wm4 0d2456ae5f lua: support MPV_END_FILE_REASON_REDIRECT
And also add the missing "unknown" entry to the manpage.
2015-06-11 21:42:09 +02:00
wm4 ce513dedd8 lua: export end-file event fields 2015-06-11 21:42:09 +02:00
wm4 04c02796bd path: make mp_path_join accept normal C strings
Instead of bstr. Most callers of this function do not need bstr. The
bstr version of this function is now mp_path_join_bstr().
2015-05-09 15:26:47 +02:00
wm4 40997b8ae5 lua: remove deprecated "lua" sub directories
The compatibility code and the deprecation warning were at least in
releases 0.8 and 0.9 - time to get rid of them.
2015-05-09 15:04:05 +02:00
wm4 daabbe3640 lua: add utils.format_json() function
Requested. Why not.
2015-04-22 20:55:05 +02:00
wm4 ccfe4d6418 client API: add MPV_FORMAT_BYTE_ARRAY type
This will be used in the following commit, which adds screenshot_raw.

The reasoning is that this will be better for binding scripting
languages.

One could special-case the screenshot_raw commit and define fixed
semantics for passing through a pointer using the current API, like
formatting a pointer as string. But that would be ridiculous and
unclean.
2015-04-20 23:09:34 +02:00
wm4 9b59c175e3 lua: reject Lua 5.3
It simply doesn't work, and is hard to make work. Lua 5.3 is a different
language from 5.1 and 5.2, and is different enough to make adding
support a major issue. Most importantly, 5.3 introduced integer types,
which completely mess up any code which deals with numbers.

I tried to make this a compile time check, but failed. Still at least
try to avoid selecting the 5.3 pkg-config package when the generic "lua"
name is used (why can't Lua upstream just provide an official .pc
file...). Maybe this actually covers all cases.

Fixes #1729 (kind of).
2015-04-01 23:59:15 +02:00
wm4 39f6f6b104 build: make posix_spawn() mandatory
It was already accidentally used unconditionally by command.c.
Apparently this worked well for us, so don't change anything about,
but should it be unavailable, fail at configure time instead of compile
time.
2015-03-30 19:49:24 +02:00
wm4 08df18aea3 lua: replace getcwd() implementation 2015-03-24 22:04:27 +01:00