authortilpner2018-08-12 21:05:41 +0200
committertilpner2018-08-12 21:05:41 +0200
commit7fdce5162b51d682046a7c75c9fbcaeac271c6d9 (patch)
treeecdba94f1abddc16a80544fbb61458f444c313f2
parent241df2cbe4004f566fae82d77b93dd15e64a1991 (diff)
Sandbox reads, prevent DoS by vector literals
-rw-r--r--irc/bot.rkt20
1 files changed, 13 insertions, 7 deletions
diff --git a/irc/bot.rkt b/irc/bot.rkt
index abedd67..7366a6f 100644
--- a/irc/bot.rkt
+++ b/irc/bot.rkt
@@ -2,7 +2,8 @@
(require "core.rkt"
(for-syntax racket/base racket/syntax)
racket/string racket/function
- racket/stxparam)
+ racket/stxparam
+ racket/sandbox)
(provide (all-defined-out))
(define (replace-many s rep)
@@ -103,12 +104,17 @@
(on condition action ... hook-abort))
; does this belong here?
+; limit to 5s, 25MB to prevent reading 2^30 element vectors
+(define read-sandbox
+ (parameterize ([sandbox-eval-limits '(5 25)])
+ (make-evaluator 'racket/base)))
+
(define (safe-read-string s)
(call-with-default-reading-parameterization
(thunk
- parameterize ([read-square-bracket-as-paren #f]
- [read-curly-brace-as-paren #f]
- [read-accept-compiled #f]
- [read-accept-reader #f]
- [read-accept-lang #f])
- (read (open-input-string s)))))
+ (parameterize ([read-square-bracket-as-paren #f]
+ [read-curly-brace-as-paren #f]
+ [read-accept-compiled #f]
+ [read-accept-reader #f]
+ [read-accept-lang #f])
+ (read-sandbox `(read (open-input-string ,s)))))))
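Review bot: The `parameterize` of the reader parameters in `safe-read-string` most likely no longer reaches the `read` it is meant to restrict: the call `(read-sandbox `(read (open-input-string ,s)))` is evaluated in the sandbox evaluator's own thread, whose parameterization was fixed when `make-evaluator` ran at module load, so as far as I can tell `read-accept-reader`, `read-accept-lang`, `read-accept-compiled` and the bracket settings seen by that `read` are whatever the sandbox thread has, not the values set here (the same applies to `call-with-default-reading-parameterization`). Moving the `parameterize` into the quoted expression makes the restriction take effect where the read actually happens. A second point is that `read-sandbox` is shared module-level state: if exceeding the 25MB limit leaves the evaluator dead, every later call fails until it is recreated, so the caller should check `evaluator-alive?` and rebuild it (or construct a fresh evaluator per call) — worth confirming against the racket/sandbox documentation for `sandbox-eval-limits`. Callers must also now expect `exn:fail:resource` from the limits in addition to the `exn:fail:read` they already had to handle.
```racket
(define (safe-read-string s)
  (call-with-default-reading-parameterization
   (thunk
    (read-sandbox
     ;; parameters are set inside the sandbox, where the read runs
     `(parameterize ([read-square-bracket-as-paren #f]
                     [read-curly-brace-as-paren #f]
                     [read-accept-compiled #f]
                     [read-accept-reader #f]
                     [read-accept-lang #f])
        (read (open-input-string ,s)))))))
```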