/calc command doesn't work.

Question

/calc command doesn't work.

Closed this issue 5 years ago · 3 comments

Due to changes present in commit 3b1f0b5a3306263467f65df35b292ded60372d7f, the calc command in broken. Please fix.

Answer 1 · 2019-11-24T20:54:48.000Z

@Aurumh4x and BunPao have exposed a vulnerability that allows for remote code execution on the machine that runs Chaddi. I'm planning to implement a better expression evaluator to fix this problem correct. Sorry about the trouble!

Answer 2 · 2019-11-24T21:12:28.000Z

050feda76606971c6d21a0b60dd015d69f3a3d3e will re-enables /calc. Expression evaluation is now done by numexpr lib.

Answer 3 · 2019-11-25T18:08:02.000Z

@arkits But it doesn't allow RCE now. Where's the fun in that?