From 656e5e7cf1f6a15cb1f0f69ddd1cf782cf213a71 Mon Sep 17 00:00:00 2001
From: EliteMasterEric
Date: Thu, 2 May 2024 02:49:55 -0400
Subject: [PATCH] Blacklist more sensitive modules.

---
 source/funkin/modding/PolymodHandler.hx | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/source/funkin/modding/PolymodHandler.hx b/source/funkin/modding/PolymodHandler.hx
index 7f9fa24c5..3096fce7d 100644
--- a/source/funkin/modding/PolymodHandler.hx
+++ b/source/funkin/modding/PolymodHandler.hx
@@ -213,9 +213,23 @@ class PolymodHandler
 // Add blacklisting for prohibited classes and packages.
 
 // `Sys`
+ // Sys.command() can run malicious processes
 Polymod.blacklistImport('Sys');
 
+ // `Reflect`
+ // Reflect.callMethod() can access blacklisted packages
+ Polymod.blacklistImport('Reflect');
+
+ // `Type`
+ // Type.createInstance(Type.resolveClass()) can access blacklisted packages
+ Polymod.blacklistImport('Type');
+
+ // `cpp.Lib`
+ // Lib.load() can load malicious DLLs
+ Polymod.blacklistImport('cpp.Lib');
+
 // `polymod.*`
+ // You can probably unblacklist a module
 for (cls in ClassMacro.listClassesInPackage('polymod'))
 {
 if (cls == null) continue;
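Review bot: The added `Polymod.blacklistImport(...)` calls for `Reflect`, `Type` and `cpp.Lib` extend a name-by-name denylist, which only covers the capabilities someone has already thought of. For a mod-script sandbox, an allowlist of importable modules would give a stronger guarantee, or at least a regression test that loads a script naming each blocked module and asserts it is rejected. The hunk does not show whether `blacklistImport` also stops references that never go through an `import` statement, so that should be confirmed for the top-level classes `Sys`, `Reflect` and `Type`. The new comment `// You can probably unblacklist a module` is too vague to maintain against; something like `// Scripts that can reach polymod.* could presumably undo blacklist entries, so block the whole package` states the reason (wording hedged, since the Polymod API is not visible here). Blocking `Reflect` and `Type` outright may also break existing mods that use them for benign field access, which deserves a changelog note; the enclosing function starts and ends outside this hunk.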