cadey
/
h
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

security: strip newlines embedded in parameters to prevent arbitrary command execution

This commit is contained in:
Ryan Hitchman 2013-07-19 13:01:34 -05:00
parent 4bc268f5a4
commit 1281756d49
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
core/irc.py
View File

@ -17,6 +17,7 @@ def decode(txt):
def censor(text): def censor(text):
text = text.replace('\n', '').replace('\r', '')
replacement = '[censored]' replacement = '[censored]'
if 'censored_strings' in bot.config: if 'censored_strings' in bot.config:
words = map(re.escape, bot.config['censored_strings']) words = map(re.escape, bot.config['censored_strings'])