PauseMenuScripting: resolve absolute 'builtin' path before substring check (#15720)

In 99% of the cases, this behaviour is identical to before.
With this commit, it is again possible to have 'builtin' a symlink that e.g.
points to the engine source directory, which is helpful for development purposes.

src/script/cpp_api/s_security.cpp

@@ -773,7 +773,7 @@ int ScriptApiSecurity::sl_g_loadfile(lua_State *L)
 		std::string path = readParam<std::string>(L, 1);
 		const std::string *contents = script->getClient()->getModFile(path);
 		if (!contents) {
-			std::string error_msg = "Coudln't find script called: " + path;
+			std::string error_msg = "Couldn't find script called: " + path;
 			lua_pushnil(L);
 			lua_pushstring(L, error_msg.c_str());
 			return 2;

src/script/scripting_pause_menu.cpp

@@ -50,7 +50,7 @@ void PauseMenuScripting::initializeModApi(lua_State *L, int top)
 
 void PauseMenuScripting::loadBuiltin()
 {
-	loadScript(porting::path_share + DIR_DELIM "builtin" DIR_DELIM "init.lua");
+	loadScript(Client::getBuiltinLuaPath() + DIR_DELIM "init.lua");
 	checkSetByBuiltin();
 }
 
@@ -60,9 +60,11 @@ bool PauseMenuScripting::checkPathInternal(const std::string &abs_path, bool wri
 	// NOTE: The pause menu env is on the same level of trust as the mainmenu env.
 	// However, since it doesn't need anything else at the moment, there's no
 	// reason to give it access to anything else.
+	// See also: `MainMenuScripting::mayModifyPath` for similar, but less restricted checks.
 
 	if (write_required)
 		return false;
-	std::string path_share = fs::AbsolutePath(porting::path_share);
-	return !path_share.empty() && fs::PathStartsWith(abs_path, path_share + DIR_DELIM "builtin");
+
+	std::string path_builtin = fs::AbsolutePath(Client::getBuiltinLuaPath());
+	return !path_builtin.empty() && fs::PathStartsWith(abs_path, path_builtin);
 }