In math.js there are vulnerabilities where if a person enters a impossible question, 1:999999999999999999999, it will crash the node.js process, any ideas?
The code I use for calculations:
let resp;
try {
resp = math.evaluate(args.join(" "))
} catch (e) {
return message.channel.send('Please provide a **valid** question')
}
On
It's really absurd but if 1:999999999999999999999 is your only concern, I have noticed that / does not cause any problems but : does. So you could replace every : in your calculation with /.
let resp;
try {
resp = math.evaluate(args.join(" ").replace(/:/g, "/"))
} catch (e) {
return message.channel.send('Please provide a **valid** question')
}
You can use a child process for running the calculations and limiting the maximum memory of processes on your OS, if you are using linux on a raspberry pi for example