GitHub/pbot
3
0
Fork 0
mirror of https://github.com/pragma-/pbot.git synced 2024-11-23 12:29:27 +01:00
Code Issues Projects Releases Wiki Activity

Use DFA regex engine on user-supplied regexs to avoid potential denial-of-service attacks

Browse Source
This commit is contained in:
Pragmatic Software 2014-04-28 17:20:01 +00:00
parent b35382109c
commit 595e6a34d2
3 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
PBot/FactoidCommands.pm
View File

@ -753,6 +753,7 @@ sub factchange {
} }
my $ret = eval { my $ret = eval {
use re::engine::RE2;
if(not $factoids->{$channel}->{$trigger}->{action} =~ s|$tochange|$changeto|) { if(not $factoids->{$channel}->{$trigger}->{action} =~ s|$tochange|$changeto|) {
$self->{pbot}->logger->log("($from) $nick!$user\@$host: failed to change '$trigger' 's$delim$tochange$delim$changeto$delim\n"); $self->{pbot}->logger->log("($from) $nick!$user\@$host: failed to change '$trigger' 's$delim$tochange$delim$changeto$delim\n");
return "/msg $nick Change $trigger failed."; return "/msg $nick Change $trigger failed.";

4
PBot/VERSION.pm
View File

@ -13,8 +13,8 @@ use warnings;
# These are set automatically by the build/commit script # These are set automatically by the build/commit script
use constant { use constant {
BUILD_NAME => "PBot", BUILD_NAME => "PBot",
BUILD_REVISION => 556, BUILD_REVISION => 557,
BUILD_DATE => "2014-04-27", BUILD_DATE => "2014-04-28",
}; };
1; 1;

1
modules/compiler_vm/compiler_vm_client.pl
View File

@ -524,6 +524,7 @@ if($subcode =~ m/^\s*(?:and\s+)?(run|paste)\s*$/i) {
} }
if($#replacements > -1) { if($#replacements > -1) {
use re::engine::RE2;
@replacements = sort { $a->{'from'} cmp $b->{'from'} or $a->{'modifier'} <=> $b->{'modifier'} } @replacements; @replacements = sort { $a->{'from'} cmp $b->{'from'} or $a->{'modifier'} <=> $b->{'modifier'} } @replacements;
my ($previous_from, $previous_modifier); my ($previous_from, $previous_modifier);