mirror of
https://github.com/pragma-/pbot.git
synced 2024-12-24 03:33:06 +01:00
Use DFA regex engine on user-supplied regexs to avoid potential denial-of-service attacks
This commit is contained in:
parent
b35382109c
commit
595e6a34d2
@ -753,6 +753,7 @@ sub factchange {
|
||||
}
|
||||
|
||||
my $ret = eval {
|
||||
use re::engine::RE2;
|
||||
if(not $factoids->{$channel}->{$trigger}->{action} =~ s|$tochange|$changeto|) {
|
||||
$self->{pbot}->logger->log("($from) $nick!$user\@$host: failed to change '$trigger' 's$delim$tochange$delim$changeto$delim\n");
|
||||
return "/msg $nick Change $trigger failed.";
|
||||
|
@ -13,8 +13,8 @@ use warnings;
|
||||
# These are set automatically by the build/commit script
|
||||
use constant {
|
||||
BUILD_NAME => "PBot",
|
||||
BUILD_REVISION => 556,
|
||||
BUILD_DATE => "2014-04-27",
|
||||
BUILD_REVISION => 557,
|
||||
BUILD_DATE => "2014-04-28",
|
||||
};
|
||||
|
||||
1;
|
||||
|
@ -524,6 +524,7 @@ if($subcode =~ m/^\s*(?:and\s+)?(run|paste)\s*$/i) {
|
||||
}
|
||||
|
||||
if($#replacements > -1) {
|
||||
use re::engine::RE2;
|
||||
@replacements = sort { $a->{'from'} cmp $b->{'from'} or $a->{'modifier'} <=> $b->{'modifier'} } @replacements;
|
||||
|
||||
my ($previous_from, $previous_modifier);
|
||||
|
Loading…
Reference in New Issue
Block a user