unsafe regex

This commit is contained in:
loicbersier 2020-03-29 18:49:20 +02:00
parent 7d934bb6f8
commit 408c24e0b8
4 changed files with 25 additions and 2 deletions

View file

@ -1,4 +1,5 @@
const { Command } = require('discord-akairo');
const safe = require('safe-regex');
const BannedWords = require('../../models').bannedWords;
class BannedWordsCommand extends Command {
@ -35,8 +36,7 @@ class BannedWordsCommand extends Command {
}
async exec(message, args) {
// eslint-disable-next-line no-useless-escape
if (message.content.includes('(?:\s|/\*.*\*/|//.*|#.*)*\(.*\)')) return; // This make bot crash
if (!safe(message.content)) return;
if (!args.word) args.word = '';
args.word = args.word.replace(/[\u0250-\ue007]/g, '');

View file

@ -1,12 +1,16 @@
const { Listener } = require('discord-akairo');
const rand = require('../../rand.js');
const Sequelize = require('sequelize');
const safe = require('safe-regex');
// Database
const Tag = require('../../models').Tag;
const autoResponse = require('../../models').autoresponse;
const autoResponseStat = require('../../models').autoresponseStat;
const BannedWords = require('../../models').bannedWords;
const WhitelistWord = require('../../models').whitelistWord;
const quotationStat = require('../../models').quotationStat;
const userBlacklist = require('../../models').userBlacklist;
class messageListener extends Listener {
constructor() {
@ -17,6 +21,10 @@ class messageListener extends Listener {
}
async exec(message) {
const blacklist = await userBlacklist.findOne({where: {userID:message.author.id}});
if (blacklist) return;
if (message.partial) {
await message.fetch()
.catch(() => {
@ -49,6 +57,7 @@ class messageListener extends Listener {
censoredMessage = censoredMessage.replace(/[\u0250-\ue007]/g, '');
for (let i = 0; i < bannedWords.length; i++) {
if (!safe(bannedWords[i].get('word'))) return;
let regex = new RegExp(bannedWords[i].get('word'), 'g');
censoredMessage = censoredMessage.replace(regex, '█'.repeat(bannedWords[i].get('word').length));
}

13
package-lock.json generated
View file

@ -6121,6 +6121,11 @@
"resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.3.tgz",
"integrity": "sha512-naKIZz2GQ8JWh///G7L3X6LaQUAMp2lvb1rvwwsURe/VXwD6VMfr+/1NuNw3ag8v2kY1aQ/go5SNn79O9JU7yw=="
},
"regexp-tree": {
"version": "0.1.21",
"resolved": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.21.tgz",
"integrity": "sha512-kUUXjX4AnqnR8KRTCrayAo9PzYMRKmVoGgaz2tBuz0MF3g1ZbGebmtW0yFHfFK9CmBjQKeYIgoL22pFLBJY7sw=="
},
"regexpp": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz",
@ -6296,6 +6301,14 @@
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
"integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
},
"safe-regex": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz",
"integrity": "sha512-rx+x8AMzKb5Q5lQ95Zoi6ZbJqwCLkqi3XuJXp5P3rT8OEc6sZCJG5AE5dU3lsgRr/F4Bs31jSlVN+j5KrsGu9A==",
"requires": {
"regexp-tree": "~0.1.1"
}
},
"safer-buffer": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",

View file

@ -26,6 +26,7 @@
"mysql2": "^1.7.0",
"node-fetch": "^2.6.0",
"node-opus": "^0.3.3",
"safe-regex": "^2.1.1",
"sequelize": "^5.21.5",
"sqlite3": "^4.1.0",
"superagent": "^4.1.0",