From 650bf40a244de7cd883df62c9ddbce56692600b7 Mon Sep 17 00:00:00 2001
From: Pragmatic Software
Date: Tue, 5 Nov 2024 16:48:59 -0800
Subject: [PATCH] Disallow invoking of commands with `requires_cap` from unlocked factoids

As a security measure to prevent users from creating or modifying factoids to sneak in commands to trick chanops/admins/botowners/etc into executing those commands, the command interpreter will now check if the command has been invoked in the context of a factoid. If so, the factoid must be locked.
---
 lib/PBot/Core/Commands.pm | 4 ++++
 lib/PBot/Core/Factoids/Interpreter.pm | 7 +++++++
 lib/PBot/VERSION.pm | 2 +-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/lib/PBot/Core/Commands.pm b/lib/PBot/Core/Commands.pm
index 9c614a48..fc8ffd8c 100644
--- a/lib/PBot/Core/Commands.pm
+++ b/lib/PBot/Core/Commands.pm
@@ -192,6 +192,10 @@ sub interpreter($self, $context) {
 return "/msg $context->{nick} The $keyword command requires the can-$keyword capability, which your user account does not have.";
 }
 }
+
+ if ($context->{factoid} && !$context->{locked}) {
+ return "/msg $context->{nick} The $keyword command requires the can-$keyword capability and cannot be invoked from an unlocked factoid.";
+ }
 }
 
 if ($self->get_meta($keyword, 'condense-whitespace')) {
diff --git a/lib/PBot/Core/Factoids/Interpreter.pm b/lib/PBot/Core/Factoids/Interpreter.pm
index 8a574f70..0fe1ae74 100644
--- a/lib/PBot/Core/Factoids/Interpreter.pm
+++ b/lib/PBot/Core/Factoids/Interpreter.pm
@@ -182,6 +182,7 @@ sub interpreter($self, $context) {
 $context->{original_keyword} = $original_keyword;
 $context->{channel_name} = $channel_name;
 $context->{trigger_name} = $trigger_name;
+ $context->{factoid} = 1;
 
 if ($context->{embedded} and $self->{pbot}->{factoids}->{data}->{storage}->get_data($channel, $keyword, 'noembed')) {
 $self->{pbot}->{logger}->log("Factoids: interpreter: ignoring $channel.$keyword due to noembed.\n");
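Review bot: The new guard at the end of the `requires_cap` block keys off two plain context fields, `$context->{factoid}` and `$context->{locked}`, that Factoids::Interpreter writes, and nothing here verifies they reflect every factoid in the invocation chain rather than only the innermost one. The `interpret_depth` check in the Interpreter.pm @@ -194 hunk suggests one context object is carried through nested interpretation; if so, an unlocked factoid that invokes a locked factoid would have `locked` overwritten to 1 before this point, and the command would run with arguments chosen by the unlocked factoid — worth confirming against how contexts are created. If the context is shared, one mitigation is to only ever lower the flag in Interpreter.pm (`$context->{locked} = 0 unless $is_locked;`) and initialise it to 1 where a fresh context is built, so any unlocked factoid in the chain denies. The guard does fail closed when `locked` is absent (undef is false, so the command is refused), which deserves a comment above it: `# Reachable from a factoid only when that factoid is locked (flags set by Factoids::Interpreter); an unset 'locked' denies.` The interpreter sub continues outside this hunk.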
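Review bot: `$context->{factoid} = 1;` is set here, while `$context->{locked}` is only computed in the later @@ -194 hunk, with the noembed branch (which appears to bail out) sitting between them; that ordering is safe only because Commands.pm treats an unset `locked` as denied, and a comment should record the dependency: `# Consulted by Commands::interpreter for requires_cap commands; locked is set further down, and unset means denied.` Neither flag is cleared anywhere in this patch, so if a context object outlives a single factoid interpretation the flags would persist into later invocations — confirm the context is fresh per interpretation. As a point of style, the if/else in the @@ -194 hunk collapses to one line: `$context->{locked} = $self->{pbot}->{factoids}->{data}->{storage}->get_data($channel, $keyword, 'locked') ? 1 : 0;`. The enclosing interpreter sub starts and ends outside this hunk.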
@@ -194,6 +195,12 @@ sub interpreter($self, $context) {
 }
 }
 
+ if ($self->{pbot}->{factoids}->{data}->{storage}->get_data($channel, $keyword, 'locked')) {
+ $context->{locked} = 1;
+ } else {
+ $context->{locked} = 0;
+ }
+
 # rate-limiting
 if ($context->{interpret_depth} <= 1 and $self->{pbot}->{factoids}->{data}->{storage}->get_data($channel, $keyword, 'last_referenced_in') eq $context->{from})
diff --git a/lib/PBot/VERSION.pm b/lib/PBot/VERSION.pm
index 15ea522d..14fad8c9 100644
--- a/lib/PBot/VERSION.pm
+++ b/lib/PBot/VERSION.pm
@@ -25,7 +25,7 @@ use PBot::Imports;
 # These are set by the /misc/update_version script
 use constant {
 BUILD_NAME => "PBot",
- BUILD_REVISION => 4835,
+ BUILD_REVISION => 4837,
 BUILD_DATE => "2024-11-05",
 };