Mikaela
/
Limnoria
mirror of https://github.com/Mikaela/Limnoria.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Math.rpn should use _mathSafeEnv, otherwise untrusted users can freeze the bot

This commit is contained in:
jacksonmj 2015-08-29 01:19:50 +00:00
parent 943c8bc495
commit 1aeb847509
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/Math/plugin.py
View File

@ -279,8 +279,8 @@ class Math(callbacks.Plugin):
x = abs(x)
stack.append(x)
except ValueError: # Not a float.
if arg in self._mathEnv:
f = self._mathEnv[arg]
if arg in self._mathSafeEnv:
f = self._mathSafeEnv[arg]
if callable(f):
called = False
arguments = []
@ -303,7 +303,7 @@ class Math(callbacks.Plugin):
arg1 = stack.pop()
s = '%s%s%s' % (arg1, arg, arg2)
try:
stack.append(eval(s, self._mathEnv, self._mathEnv))
stack.append(eval(s, self._mathSafeEnv, self._mathSafeEnv))
except SyntaxError:
irc.error(format(_('%q is not a defined function.'),
arg))