Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rework prefix parsing (closes #11) #13

Merged
merged 4 commits into from
Aug 4, 2021
Merged

Rework prefix parsing (closes #11) #13

merged 4 commits into from
Aug 4, 2021

Conversation

freya022
Copy link

Pull Request

Pull Request Checklist

Please follow the following steps before opening this PR.

PRs that do not complete the checklist will be subject to denial for
missing information.

Pull Request Information

Check and fill in the blanks for all that apply:

  • My PR fixes a bug, error, or other issue with the library's codebase.
  • My PR is for the commands module of the JDA-Utilities library.
  • My PR creates a new module for the JDA-Utilities library: ______.

Description

Fixes a regex DoS vulnerability and unexpected exceptions on inputs like !!? where the prefix is !!, also reworks the message parsing and removes weird things

@freya022 freya022 changed the title Rework prefix parsing, remove some non sense including this weird Arr… Rework prefix parsing (closes #11) Jul 29, 2021
Chew
Chew requested changes Aug 4, 2021
View reviewed changes
Copy link
Owner

@Chew Chew left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! Tested and found some issues:

Settings:

client.setPrefix("!");
client.setAlternativePrefix("?");
client.setPrefixes(new String[]{"<@!476489671313063936> ", "<", "bruh", "bruh, "});
client.setPrefixFunction(event -> {
    if (event.isFromGuild()) {
        return event.getGuild().getId();
    }
    return null;
});

(Valid prefixes are: !, ?. <@!476489671313063936> , <, bruh, bruh, , the server ID)

Tested with a simple ping command.

Input event.getPrefix() event.getArgs()
!ping ! N/A
!ping bruh ! "bruh"
?ping ? N/A
?ping bruh ? "bruh"
<@!476489671313063936> ping <@!476489671313063936> N/A
<@!476489671313063936> ping bruh <@!476489671313063936> "bruh"
<ping < N/A
<ping bruh < "bruh"
bruhping bruh N/A
bruhping bruh bruh "bruh"
bruh, ping ping N/A
bruh, ping bruh ping "bruh"
148195924567392257ping 148195924567392257 N/A
148195924567392257ping bruh 148195924567392257 "bruh"

command/src/main/java/com/jagrosh/jdautilities/command/impl/CommandClientImpl.java Show resolved Hide resolved
@freya022 freya022 requested a review from Chew August 4, 2021 10:41
@Chew Chew enabled auto-merge (squash) August 4, 2021 21:05
Chew
Chew approved these changes Aug 4, 2021
View reviewed changes
Copy link
Owner

@Chew Chew left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Retested, gradle being dum, seems fine.

@Chew Chew merged commit 8e71a2a into Chew:master Aug 4, 2021
@brandonfl brandonfl mentioned this pull request Dec 12, 2021
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Chew Chew Chew approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@freya022 @Chew