summaryrefslogtreecommitdiff
path: root/irc
diff options
context:
space:
mode:
Diffstat (limited to 'irc')
-rw-r--r--irc/bot.rkt20
1 files changed, 13 insertions, 7 deletions
diff --git a/irc/bot.rkt b/irc/bot.rkt
index abedd67..7366a6f 100644
--- a/irc/bot.rkt
+++ b/irc/bot.rkt
@@ -2,7 +2,8 @@
(require "core.rkt"
(for-syntax racket/base racket/syntax)
racket/string racket/function
- racket/stxparam)
+ racket/stxparam
+ racket/sandbox)
(provide (all-defined-out))
(define (replace-many s rep)
@@ -103,12 +104,17 @@
(on condition action ... hook-abort))
; does this belong here?
+; limit to 5s, 25MB to prevent reading 2^30 element vectors
+(define read-sandbox
+ (parameterize ([sandbox-eval-limits '(5 25)])
+ (make-evaluator 'racket/base)))
+
(define (safe-read-string s)
(call-with-default-reading-parameterization
(thunk
- parameterize ([read-square-bracket-as-paren #f]
- [read-curly-brace-as-paren #f]
- [read-accept-compiled #f]
- [read-accept-reader #f]
- [read-accept-lang #f])
- (read (open-input-string s)))))
+ (parameterize ([read-square-bracket-as-paren #f]
+ [read-curly-brace-as-paren #f]
+ [read-accept-compiled #f]
+ [read-accept-reader #f]
+ [read-accept-lang #f])
+ (read-sandbox `(read (open-input-string ,s)))))))