Light Shot Error Checker

-- Creates a copy of the shell API in a separate table and returns said table.
function getShellCopy()

    local shellCopy = {}

    for itemIndex, item in pairs(shell) do
        shellCopy[itemIndex] = item
    end

    return shellCopy

end

-- Creates a copy of the fs API and returns it.
function getFsCopy()

    local fsCopy = {}

    for itemIndex, item in pairs( _G["fs"] ) do
        fsCopy[itemIndex] = item
    end

    return fsCopy

end

-- Creates a copy of the io API and returns it.
function getIoCopy()

    local ioCopy = {}

    for itemIndex, item in pairs( _G["io"] ) do
        ioCopy[itemIndex] = item
    end

    return ioCopy

end

-- Creates a copy of the os API and returns it.
function getOsCopy()

    local osCopy = {}

    for itemIndex, item in pairs( _G["os"] ) do
        osCopy[itemIndex] = item
    end

    return osCopy

end

-- Checks if a file that is a lightshot recording that is
-- of a version before 1.2 is malicious or simply illegeal.
-- Returns true if the given line contains malicious code,
-- and false if not.
function checkFileForVirus(filePath)

    -- Get a file handle and the contents of the file.
    local fileHandle   = fs.open(filePath, 'r')
    local fileContents = fileHandle.readAll()
    fileHandle.close()

    -- Create a copy of the shell, fs, and io API's, plus the os.run function.
    local old_shell = getShellCopy()
    local old_fsAPI = getFsCopy()
    local old_ioAPI = getIoCopy()
    local old_osAPI = getOsCopy()
    local old_sleep = _G["sleep"]
    local old_print = _G["print"]
    local old_write = _G["write"]


    -- Replace shell API.
    local dummy_shell = {}
    for shellItemIndex, shellItem in pairs(old_shell) do
        dummy_shell[shellItemIndex] = function( ... )
            error("Unauthorized shell call: " .. shellItemIndex .. '!')
        end
    end
    shell = dummy_shell

    -- Replace fs API.
    for fsItemIndex, fsItem in pairs(old_fsAPI) do
        _G["fs"][fsItemIndex] = function( ... )
            error("Unauthorized fs call: " .. fsItemIndex .. '!')
        end
    end

    -- Replace io API.
    for ioItemIndex, ioItem in pairs(old_ioAPI) do
        _G["io"][ioItemIndex] = function( ... )
            error("Unauthorized io call: " .. ioItemIndex .. '!')
        end
    end

    -- Replace os API.
    for osItemIndex, osItem in pairs(old_osAPI) do
        _G["os"][osItemIndex] = function( ... )
            error("Unauthorized os call: " .. osItemIndex .. '!')
        end
    end
    -- Replace the sleep function so that we can run through this recording much, much faster.
    _G["sleep"] = function( ... )
    end
    -- Replace the print and write functions so that we don't get the end of recording message from the recording.
    _G["write"] = function( ... )
    end
    _G["print"] = function( ... )
    end


    -- Load the line into a function as a string, then run the function with
    -- a limited environment. However, the terminal is available.
    local recordingAsFunction, errorMessage = loadstring(fileContents)

    -- Check for errors in the line before continuing.
    if errorMessage then
        print("Error: " .. errorMessage .. " in file " .. filePath .. '.')
        return true
    end

    -- Now that the APIs are replaced, run the file with a protected call and capture the error.
    local _, virusError = pcall(recordingAsFunction)


    -- Restore all of the APIs back to their original state.
    shell        = old_shell
    _G["fs"]     = old_fsAPI
    _G["io"]     = old_ioAPI
    _G["os"]     = old_osAPI
    _G["sleep"]  = old_sleep
    _G["write"]  = old_write
    _G["print"]  = old_print


    -- If we captured an error, then return true and the error because this line is probably a virus.
    if virusError then
        return true, virusError
    end

    -- If there was no error, then return false because this is probably not a virus.
    return false

end