From 16ebf6375f361b7db8451cc75b1ac42f69c61d4e Mon Sep 17 00:00:00 2001
From: Dooley_labs
Date: Mon, 29 Oct 2018 18:35:50 -0400
Subject: [PATCH] @everyone (#114)

Most bots have administrator perms, which means this little exploit allows the bot to `@everyone`. This fixes that. Thanks Xenthys.
---
 disco/bot/parser.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/disco/bot/parser.py b/disco/bot/parser.py
index bc9572f..11e81f7 100644
--- a/disco/bot/parser.py
+++ b/disco/bot/parser.py
@@ -1,6 +1,7 @@
 import re
 import six
 import copy
+from disco.util.sanitize import S
 
 # Regex which splits out argument parts
 PARTS_RE = re.compile('(\<|\[|\{)((?:\w+|\:|\||\.\.\.| (?:[0-9]+))+)(?:\>|\]|\})')
@@ -202,7 +203,7 @@ class ArgumentSet(object):
 raw[idx] = self.convert(ctx, arg.types, r)
 except Exception:
 raise ArgumentError(u'cannot convert `{}` to `{}`'.format(
- r, ', '.join(arg.types),
+ S(r), ', '.join(arg.types),
 ))
 
 if arg.count == 1:
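Review bot: The `S(r)` call in the second hunk neutralises mentions, but the value is still interpolated inside an inline-code span in the format string, so a backtick in `r` closes that span and the rest of the input renders as ordinary markdown. If disco's helper takes the `escape_codeblocks` flag I remember (off by default; please confirm against `disco/util/sanitize.py`), `S(r, escape_codeblocks=True), ', '.join(arg.types),` would cover both cases. This is also the only call site the patch touches, so any other error path that echoes user-supplied text back to the channel (none is visible in this hunk) needs the same wrapper. A regression test asserting that an `@everyone` argument comes back escaped in the `ArgumentError` message would keep the fix from silently regressing. The enclosing method starts and ends outside the hunk.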