DoS vector in onMath

[euank]

<mallory> 8000000000000000000000000000000000000000000000000000/123
<bot> *dies*

[euank]

The DoS is not quite where I expected.

The bit where the math is evaluated, below, isn't actually taking a significant amount of time with that input:

https://github.com/euank/EuIrcBot/blob/2e4e06e5f02229a8f23b42d637e845fd35324435/modules/onMath/index.js#L8-L10

Rather, it's one of the input filters that blows up:

https://github.com/euank/EuIrcBot/blob/2e4e06e5f02229a8f23b42d637e845fd35324435/modules/onMath/index.js#L86-L88

That ignoreRe is a 'regex-chain' of about 11 different regexes 'or'ed together:

https://github.com/euank/EuIrcBot/blob/2e4e06e5f02229a8f23b42d637e845fd35324435/modules/onMath/index.js#L2

https://github.com/euank/EuIrcBot/blob/2e4e06e5f02229a8f23b42d637e845fd35324435/modules/onMath/index.js#L38-L56

I wonder who wrote this 'regex-chain' module that seems to be blowing up... Oh no, it was me, oh gosh.

[euank]

The only one of those regexes that seems to grow exponentially is const onlyTime = new RC(/^(:?[0-9]+:?)+$/);.

This doesn't appear to be regex-chain being bad, but rather that regex being bad.