Misc: fix potential ddos when misc.last command is fed a specially-cr…

…afted regexp. Conflicts: plugins/Misc/plugin.py
progval · Aug 12, 2011 · e11dc28 · e11dc28
1 parent 91ac1c2
commit e11dc28
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 7 deletions.
diff --git a/plugins/Misc/plugin.py b/plugins/Misc/plugin.py
@@ -43,6 +43,8 @@
 import supybot.ircmsgs as ircmsgs
 import supybot.ircutils as ircutils
 import supybot.callbacks as callbacks
+from supybot import commands
+
 from supybot.utils.iter import ifilter
 from supybot.i18n import PluginInternationalization, internationalizeDocstring
 _ = PluginInternationalization('Misc')
@@ -335,14 +337,27 @@ def f(m, arg=arg):
                 predicates.setdefault('without', []).append(f)
             elif option == 'regexp':
                 def f(m, arg=arg):
-                    startedOn = time.time()
+                    def f1(s, arg):
+                        """Since we can't enqueue match objects into the multiprocessing queue,
+                        we'll just wrap the function to return bools."""
+                        if arg.search(s) is not None:
+                            return True
+                        else:
+                            return False
                     if ircmsgs.isAction(m):
-                        return_ = arg.search(ircmsgs.unAction(m))
+                        m1 = ircmsgs.unAction(m)
+                        #return arg.search(ircmsgs.unAction(m))
                     else:
-                        return_ = arg.search(m.args[1])
-                    if startedOn + 0.0001 < time.time():
-                        raise RegexpTimeout()
-                    return return_
+                        m1 = m.args[1]
+                        #return arg.search(m.args[1])
+                    try:
+                        # use a subprocess here, since specially crafted regexps can
+                        # take exponential time and hang up the bot.
+                        # timeout of 0.1 should be more than enough for any normal regexp.
+                        v = commands.process(f1, m1, arg, timeout=0.1, pn=self.name(), cn='last')
+                        return v
+                    except commands.ProcessTimeoutError:
+                        return False
                 predicates.setdefault('regexp', []).append(f)
             elif option == 'nolimit':
                 nolimit = True

diff --git a/src/version.py b/src/version.py
@@ -1,3 +1,3 @@
 """stick the various versioning attributes in here, so we only have to change
 them once."""
-version = '0.83.4.1+limnoria (2011-08-13T01:55:24+0200)'
+version = '0.83.4.1+limnoria (2011-08-13T01:56:21+0200)'