Yet Another Lua Bot

lua-users home
wiki

Yalb is a (yet another) bot that runs Lua code in a sandbox. It resides in #lua and its prefix character is %

Unlike other bots, it can execute more than one version of Lua: everything from 3.2 to 5.3 and even LuaJIT.

Interface

The command format is as follows: %<version> <code>

<version> is, for instance, 5.3 or luajit . You can leave it blank, and then the default (5.3) is used.

Besides Lua, there are a few other sandboxes, like py, bc, and even c. See %list for a complete list.

<code> can as well begin with a pastebin link, in which case the code is pulled from the pastebin, and concatenated with the rest of the input, making it possible to provide long input for the bot. Currently, the list of pastebins you can use is restricted (for security reasons), however you can poke the author to allow new ones. Keep in mind that the bot doesn't do SSL (HTTPS).

If you double the % sign, i. e. %%<version> <code> , the output will be redirected to yalb's own pastebin ring, thus making it possible to also have long output without spamming the channel.

Another command is %?<version> <title> , which looks up a title (like math.sin, lua_pcall, or 6.4.1) in the manual.

Last but not least, there are 3 special commands:

Sandbox

There is a function called pp which does pretty-printing. It takes zero or more values as arguments, and returns a string. It doesn't perform a deep inspection of tables, but displays identical tables/functions/userdata accordingly.

The sandbox pretty-prints whatever has been returned from the code.

Execution time is capped at 3 seconds, memory is limited to roughly 500 MiB.

You are allowed to read files in a few specific locations like /dev/ or /usr/include/. There's also a (non-chrooted) unix-like environment available through os.execute. You can manipulate the filesystem inside the current directory, but the amount of data you can place there is limited.

Yes, it does take PMs.

Source: The backend is a ptrace mess available [here] (Previous version was using [this]). The front-end is a 100-line Lua script which was hacked together in 15 minutes.

Author: mniip


RecentChanges · preferences
edit · history
Last edited June 11, 2017 1:51 pm GMT (diff)