From: Christian Heller <c.heller@plomlompom.de>
Date: Sat, 5 Dec 2020 11:00:43 +0000 (+0100)
Subject: Whitelist legal input characters.
X-Git-Url: https://plomlompom.com/repos/%7B%7Bdb.prefix%7D%7D/static/%7B%7Bprefix%7D%7D/test.html?a=commitdiff_plain;h=124e135b89821306ac924a9387cd6a7799d0a65e;p=plomrogue2

Whitelist legal input characters.
---

diff --git a/plomrogue/parser.py b/plomrogue/parser.py
index 69f728e..2820c18 100644
--- a/plomrogue/parser.py
+++ b/plomrogue/parser.py
@@ -78,6 +78,14 @@ class Parser:
 
         Respects function signature defined in function's .argtypes attribute.
         """
+        import string
+        msg = msg.rstrip()
+        legal_chars = string.digits + string.ascii_letters +\
+            string.punctuation + ' ' + 'ÄäÖöÜüߧ' + 'éèáàô'
+        for c in msg:
+            if not c in legal_chars:
+                raise ArgError('Command/message contains illegal character(s), '
+                               'may only contain ones of: %s' % legal_chars)
         tokens = self.tokenize(msg)
         if len(tokens) == 0:
             return None, ()