From a1225b6d0dfdfaadcde56e4745e8ad57f107142a Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Sat, 26 Oct 2019 10:17:25 -0400 Subject: [PATCH] Sanitize input to decode_length_seconds --- src/invidious/helpers/utils.cr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/invidious/helpers/utils.cr b/src/invidious/helpers/utils.cr index 5ddc8375..8d4eff9b 100644 --- a/src/invidious/helpers/utils.cr +++ b/src/invidious/helpers/utils.cr @@ -1675,7 +1675,7 @@ def make_client(url : URI, region = nil) end def decode_length_seconds(string) - length_seconds = string.split(":").map { |a| a.to_i } + length_seconds = string.gsub(/[^0-9:]/, "").split(":").map &.to_i length_seconds = [0] * (3 - length_seconds.size) + length_seconds length_seconds = Time::Span.new(length_seconds[0], length_seconds[1], length_seconds[2]) length_seconds = length_seconds.total_seconds.to_i