mirror of
https://github.com/pragma-/pbot.git
synced 2025-01-23 02:24:25 +01:00
Do some basic string validation for factoids and such
This commit is contained in:
parent
5262934e0d
commit
d6a845f988
@ -20,6 +20,7 @@ use POSIX qw(strftime);
|
|||||||
use Storable;
|
use Storable;
|
||||||
|
|
||||||
use PBot::Utils::SafeFilename;
|
use PBot::Utils::SafeFilename;
|
||||||
|
use PBot::Utils::ValidateString;
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
if(ref($_[1]) eq 'HASH') {
|
if(ref($_[1]) eq 'HASH') {
|
||||||
@ -357,6 +358,8 @@ sub factset {
|
|||||||
my $self = shift;
|
my $self = shift;
|
||||||
my ($from, $nick, $user, $host, $args) = @_;
|
my ($from, $nick, $user, $host, $args) = @_;
|
||||||
|
|
||||||
|
$args = validate_string($args);
|
||||||
|
|
||||||
my ($channel, $trigger, $arguments) = $self->find_factoid_with_optional_channel($from, $args, 'factset', 'Usage: factset [channel] <factoid> [key [value]]', 1);
|
my ($channel, $trigger, $arguments) = $self->find_factoid_with_optional_channel($from, $args, 'factset', 'Usage: factset [channel] <factoid> [key [value]]', 1);
|
||||||
return $channel if not defined $trigger; # if $trigger is not defined, $channel is an error message
|
return $channel if not defined $trigger; # if $trigger is not defined, $channel is an error message
|
||||||
|
|
||||||
@ -568,6 +571,7 @@ sub list {
|
|||||||
sub factmove {
|
sub factmove {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my ($from, $nick, $user, $host, $arguments) = @_;
|
my ($from, $nick, $user, $host, $arguments) = @_;
|
||||||
|
$arguments = validate_string($arguments);
|
||||||
my ($src_channel, $source, $target_channel, $target) = split /\s+/, $arguments, 4 if $arguments;
|
my ($src_channel, $source, $target_channel, $target) = split /\s+/, $arguments, 4 if $arguments;
|
||||||
|
|
||||||
my $usage = "Usage: factmove <source channel> <source factoid> <target channel/factoid> [target factoid]";
|
my $usage = "Usage: factmove <source channel> <source factoid> <target channel/factoid> [target factoid]";
|
||||||
@ -589,6 +593,14 @@ sub factmove {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (length $target > 20) {
|
||||||
|
return "/say $nick: I don't think the factoid name needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (length $target_channel > 20) {
|
||||||
|
return "/say $nick: I don't think the channel name needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
my ($found_src_channel, $found_source) = $self->{pbot}->{factoids}->find_factoid($src_channel, $source, undef, 1, 1);
|
my ($found_src_channel, $found_source) = $self->{pbot}->{factoids}->find_factoid($src_channel, $source, undef, 1, 1);
|
||||||
|
|
||||||
if(not defined $found_src_channel) {
|
if(not defined $found_src_channel) {
|
||||||
@ -639,6 +651,7 @@ sub factmove {
|
|||||||
sub factalias {
|
sub factalias {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my ($from, $nick, $user, $host, $arguments) = @_;
|
my ($from, $nick, $user, $host, $arguments) = @_;
|
||||||
|
$arguments = validate_string($arguments);
|
||||||
my ($chan, $alias, $command) = split /\s+/, $arguments, 3 if defined $arguments;
|
my ($chan, $alias, $command) = split /\s+/, $arguments, 3 if defined $arguments;
|
||||||
|
|
||||||
if(not defined $command) {
|
if(not defined $command) {
|
||||||
@ -647,6 +660,14 @@ sub factalias {
|
|||||||
|
|
||||||
$chan = '.*' if $chan !~ /^#/;
|
$chan = '.*' if $chan !~ /^#/;
|
||||||
|
|
||||||
|
if (length $alias > 20) {
|
||||||
|
return "/say $nick: I don't think the factoid name needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (length $chan > 20) {
|
||||||
|
return "/say $nick: I don't think the channel name needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
my ($channel, $alias_trigger) = $self->{pbot}->{factoids}->find_factoid($chan, $alias, undef, 1, 1);
|
my ($channel, $alias_trigger) = $self->{pbot}->{factoids}->find_factoid($chan, $alias, undef, 1, 1);
|
||||||
|
|
||||||
if(defined $alias_trigger) {
|
if(defined $alias_trigger) {
|
||||||
@ -665,6 +686,7 @@ sub add_regex {
|
|||||||
my $self = shift;
|
my $self = shift;
|
||||||
my ($from, $nick, $user, $host, $arguments) = @_;
|
my ($from, $nick, $user, $host, $arguments) = @_;
|
||||||
my $factoids = $self->{pbot}->{factoids}->{factoids}->hash;
|
my $factoids = $self->{pbot}->{factoids}->{factoids}->hash;
|
||||||
|
$arguments = validate_string($arguments);
|
||||||
my ($keyword, $text) = $arguments =~ /^(.*?)\s+(.*)$/ if defined $arguments;
|
my ($keyword, $text) = $arguments =~ /^(.*?)\s+(.*)$/ if defined $arguments;
|
||||||
|
|
||||||
$from = '.*' if not defined $from or $from !~ /^#/;
|
$from = '.*' if not defined $from or $from !~ /^#/;
|
||||||
@ -700,6 +722,8 @@ sub factadd {
|
|||||||
my ($from, $nick, $user, $host, $arguments) = @_;
|
my ($from, $nick, $user, $host, $arguments) = @_;
|
||||||
my ($from_chan, $keyword, $text);
|
my ($from_chan, $keyword, $text);
|
||||||
|
|
||||||
|
$arguments = validate_string($arguments);
|
||||||
|
|
||||||
if (defined $arguments) {
|
if (defined $arguments) {
|
||||||
if ($arguments =~ /^(#\S+|global|\.\*)\s+(\S+)\s+(?:is\s+)?(.*)$/i) {
|
if ($arguments =~ /^(#\S+|global|\.\*)\s+(\S+)\s+(?:is\s+)?(.*)$/i) {
|
||||||
($from_chan, $keyword, $text) = ($1, $2, $3);
|
($from_chan, $keyword, $text) = ($1, $2, $3);
|
||||||
@ -718,6 +742,14 @@ sub factadd {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (length $keyword > 20) {
|
||||||
|
return "/say $nick: I don't think the factoid name needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (length $from_chan > 20) {
|
||||||
|
return "/say $nick: I don't think the channel needs to be that long.";
|
||||||
|
}
|
||||||
|
|
||||||
$from_chan = '.*' if lc $from_chan eq 'global';
|
$from_chan = '.*' if lc $from_chan eq 'global';
|
||||||
$from_chan = '.*' if not $from_chan =~ m/^#/;
|
$from_chan = '.*' if not $from_chan =~ m/^#/;
|
||||||
|
|
||||||
@ -1113,7 +1145,7 @@ sub factfind {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if(not defined $argtype) {
|
if(not defined $argtype) {
|
||||||
return "Usage: factfind [-channel] [-owner regex] [-refby regex] [-editby regex] [text]";
|
return "Usage: factfind [-channel regex] [-owner regex] [-refby regex] [-editby regex] [text]";
|
||||||
}
|
}
|
||||||
|
|
||||||
my ($text, $last_trigger, $last_chan, $i);
|
my ($text, $last_trigger, $last_chan, $i);
|
||||||
@ -1166,6 +1198,8 @@ sub factchange {
|
|||||||
my $factoids = $self->{pbot}->{factoids}->{factoids}->hash;
|
my $factoids = $self->{pbot}->{factoids}->{factoids}->hash;
|
||||||
my ($channel, $trigger, $keyword, $delim, $tochange, $changeto, $modifier);
|
my ($channel, $trigger, $keyword, $delim, $tochange, $changeto, $modifier);
|
||||||
|
|
||||||
|
$arguments = validate_string($arguments);
|
||||||
|
|
||||||
my $needs_disambig;
|
my $needs_disambig;
|
||||||
|
|
||||||
if (defined $arguments) {
|
if (defined $arguments) {
|
||||||
|
@ -31,6 +31,7 @@ use PBot::FactoidModuleLauncher;
|
|||||||
use PBot::DualIndexHashObject;
|
use PBot::DualIndexHashObject;
|
||||||
|
|
||||||
use PBot::Utils::Indefinite;
|
use PBot::Utils::Indefinite;
|
||||||
|
use PBot::Utils::ValidateString;
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
if(ref($_[1]) eq 'HASH') {
|
if(ref($_[1]) eq 'HASH') {
|
||||||
@ -380,6 +381,7 @@ sub expand_factoid_vars {
|
|||||||
last if ++$depth >= 10;
|
last if ++$depth >= 10;
|
||||||
my $matches = 0;
|
my $matches = 0;
|
||||||
$action =~ s/\$0/$root_keyword/g;
|
$action =~ s/\$0/$root_keyword/g;
|
||||||
|
$action = validate_string($action);
|
||||||
my $const_action = $action;
|
my $const_action = $action;
|
||||||
while ($const_action =~ /(\ba\s*|\ban\s*)?(?<!\\)\$([a-zA-Z0-9_:\-#\[\]]+)/gi) {
|
while ($const_action =~ /(\ba\s*|\ban\s*)?(?<!\\)\$([a-zA-Z0-9_:\-#\[\]]+)/gi) {
|
||||||
my ($a, $v) = ($1, $2);
|
my ($a, $v) = ($1, $2);
|
||||||
@ -460,12 +462,15 @@ sub expand_factoid_vars {
|
|||||||
$action =~ s/\$0\b/$root_keyword/g;
|
$action =~ s/\$0\b/$root_keyword/g;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $action;
|
return validate_string($action);
|
||||||
}
|
}
|
||||||
|
|
||||||
sub expand_action_arguments {
|
sub expand_action_arguments {
|
||||||
my ($self, $action, $input, $nick) = @_;
|
my ($self, $action, $input, $nick) = @_;
|
||||||
|
|
||||||
|
$action = validate_string($action);
|
||||||
|
$input = validate_string($input);
|
||||||
|
|
||||||
if (not defined $input or $input eq '') {
|
if (not defined $input or $input eq '') {
|
||||||
$action =~ s/\$args/$nick/g;
|
$action =~ s/\$args/$nick/g;
|
||||||
} else {
|
} else {
|
||||||
@ -622,16 +627,16 @@ sub execute_code_factoid {
|
|||||||
$action = "/say Error in factoid: $error";
|
$action = "/say Error in factoid: $error";
|
||||||
}
|
}
|
||||||
|
|
||||||
$action = substr $action, 0, 400;
|
|
||||||
$action =~ s/([\01-\010]|[\016-\037])/'\\' . ord $1/ge;
|
|
||||||
|
|
||||||
%SIG = %signals;
|
%SIG = %signals;
|
||||||
alarm 1;
|
alarm 1;
|
||||||
|
|
||||||
unless ($self->{factoids}->hash->{$chan}->{$keyword}->{interpolate} eq '0') {
|
unless ($self->{factoids}->hash->{$chan}->{$keyword}->{interpolate} eq '0') {
|
||||||
$action = $self->expand_factoid_vars($from, $tonick ? $tonick : $nick, $root_keyword, $action);
|
$action = $self->expand_factoid_vars($from, $tonick ? $tonick : $nick, $root_keyword, $action);
|
||||||
$action = $self->expand_action_arguments($action, $arguments, $tonick ? $tonick : $nick);
|
$action = $self->expand_action_arguments($action, $arguments, $tonick ? $tonick : $nick);
|
||||||
|
} else {
|
||||||
|
$action = validate_string($action);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $action;
|
return $action;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -19,6 +19,8 @@ use Time::Duration;
|
|||||||
use LWP::UserAgent;
|
use LWP::UserAgent;
|
||||||
use Carp ();
|
use Carp ();
|
||||||
|
|
||||||
|
use PBot::Utils::ValidateString;
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
if(ref($_[1]) eq 'HASH') {
|
if(ref($_[1]) eq 'HASH') {
|
||||||
Carp::croak("Options to " . __FILE__ . " should be key/value pairs, not hash reference");
|
Carp::croak("Options to " . __FILE__ . " should be key/value pairs, not hash reference");
|
||||||
@ -82,7 +84,7 @@ sub process_line {
|
|||||||
|
|
||||||
$text =~ s/^\s+//;
|
$text =~ s/^\s+//;
|
||||||
$text =~ s/\s+$//;
|
$text =~ s/\s+$//;
|
||||||
$text =~ s/([\01-\010]|[\016-\037])/'\\' . ord $1/ge;
|
$text = validate_string($text, 0);
|
||||||
|
|
||||||
my $cmd_text = $text;
|
my $cmd_text = $text;
|
||||||
$cmd_text =~ s/^\/me\s+//;
|
$cmd_text =~ s/^\/me\s+//;
|
||||||
@ -188,12 +190,11 @@ sub interpret {
|
|||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($command =~ /^tell\s+(.{1,20})\s+about\s+(.*?)\s+(.*)$/i)
|
if($command =~ /^tell\s+(\p{PosixGraph}{1,20})\s+about\s+(.*?)\s+(.*)$/i) {
|
||||||
{
|
|
||||||
($keyword, $arguments, $tonick) = ($2, $3, $1);
|
($keyword, $arguments, $tonick) = ($2, $3, $1);
|
||||||
my $similar = $self->{pbot}->{nicklist}->is_present_similar($from, $tonick);
|
my $similar = $self->{pbot}->{nicklist}->is_present_similar($from, $tonick);
|
||||||
$tonick = $similar if $similar;
|
$tonick = $similar if $similar;
|
||||||
} elsif($command =~ /^tell\s+(.{1,20})\s+about\s+(.*)$/i) {
|
} elsif($command =~ /^tell\s+(\p{PosixGraph}{1,20})\s+about\s+(.*)$/i) {
|
||||||
($keyword, $tonick) = ($2, $1);
|
($keyword, $tonick) = ($2, $1);
|
||||||
my $similar = $self->{pbot}->{nicklist}->is_present_similar($from, $tonick);
|
my $similar = $self->{pbot}->{nicklist}->is_present_similar($from, $tonick);
|
||||||
$tonick = $similar if $similar;
|
$tonick = $similar if $similar;
|
||||||
|
Loading…
Reference in New Issue
Block a user