From 8dfa0220c32c50fc2f593768876ddf85f1f2e0f2 Mon Sep 17 00:00:00 2001
From: RogueException <rogueexception@gmail.com>
Date: Fri, 31 Mar 2017 15:18:35 -0300
Subject: [PATCH] Prevent overlapping tags

---
 src/Discord.Net.Core/Utils/MentionUtils.cs       |  9 +++++++++
 .../Entities/Messages/MessageHelper.cs           | 16 ++++++++++++++--
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/src/Discord.Net.Core/Utils/MentionUtils.cs b/src/Discord.Net.Core/Utils/MentionUtils.cs
index 4d9add8fd..60e065b62 100644
--- a/src/Discord.Net.Core/Utils/MentionUtils.cs
+++ b/src/Discord.Net.Core/Utils/MentionUtils.cs
@@ -256,6 +256,15 @@ namespace Discord
             if (mode != TagHandling.Remove)
             {
                 Emoji emoji = (Emoji)tag.Value;
+
+                //Remove if its name contains any bad chars (prevents a few tag exploits)
+                for (int i = 0; i < emoji.Name.Length; i++)
+                {
+                    char c = emoji.Name[i];
+                    if (!char.IsLetterOrDigit(c) && c != '_' && c != '-')
+                        return "";
+                }
+
                 switch (mode)
                 {
                     case TagHandling.Name:
diff --git a/src/Discord.Net.Rest/Entities/Messages/MessageHelper.cs b/src/Discord.Net.Rest/Entities/Messages/MessageHelper.cs
index 56afb74ae..d872901fa 100644
--- a/src/Discord.Net.Rest/Entities/Messages/MessageHelper.cs
+++ b/src/Discord.Net.Rest/Entities/Messages/MessageHelper.cs
@@ -126,7 +126,8 @@ namespace Discord.Rest
                 index = text.IndexOf("@everyone", index);
                 if (index == -1) break;
 
-                tags.Add(new Tag<object>(TagType.EveryoneMention, index, "@everyone".Length, 0, null));
+                if (!TagOverlaps(tags, index))
+                    tags.Add(new Tag<object>(TagType.EveryoneMention, index, "@everyone".Length, 0, null));
                 index++;
             }
 
@@ -136,12 +137,23 @@ namespace Discord.Rest
                 index = text.IndexOf("@here", index);
                 if (index == -1) break;
 
-                tags.Add(new Tag<object>(TagType.HereMention, index, "@here".Length, 0, null));
+                if (!TagOverlaps(tags, index))
+                    tags.Add(new Tag<object>(TagType.HereMention, index, "@here".Length, 0, null));
                 index++;
             }
 
             return tags.ToImmutable();
         }
+        private static bool TagOverlaps(IReadOnlyList<ITag> tags, int index)
+        {
+            for (int i = 0; i < tags.Count; i++)
+            {
+                var tag = tags[i];
+                if (index >= tag.Index && index < tag.Index + tag.Length)
+                    return true;
+            }
+            return false;
+        }
         public static ImmutableArray<ulong> FilterTagsByKey(TagType type, ImmutableArray<ITag> tags)
         {
             return tags