
Fix: remove catastrophic backtracking vulnerability (fixes #10002) (#10019)

Change template substitution regex to exclude fields with whitespace.
This addresses possible O(n^2) catastrophic backtracking behavior.

Very unlikely to be exploited. For #10002.
davisjam authored and not-an-aardvark committed Feb 27, 2018
1 parent e4f52ce commit f6901d0
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion lib/util/interpolate.js
@@ -13,7 +13,11 @@ module.exports = (text, data) => {
if (!data) {
return text;
}
return text.replace(/\{\{\s*([^{}]+?)\s*\}\}/g, (fullMatch, term) => {

// Substitution content for any {{ }} markers.
return text.replace(/\{\{([^{}]+?)\}\}/g, (fullMatch, termWithWhitespace) => {
const term = termWithWhitespace.trim();

if (term in data) {
return data[term];
}
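Review bot: No test covers the input this hunk is meant to neutralize; the commit touches only lib/util/interpolate.js. Suggest adding a regression case with an unterminated `{{` followed by a long run of whitespace, which is where the old pattern went quadratic: `\s*` and `[^{}]+?` both accept whitespace, so the engine tried every split of the run between them before failing, and moving the whitespace handling into `termWithWhitespace.trim()` removes that overlap. Two smaller points on the added lines: with `}` already excluded by the class, the lazy `+?` in `/\{\{([^{}]+?)\}\}/g` is redundant (`[^{}]+` stops at the first brace just the same) and dropping the `?` makes the single-pass behaviour plainer; and the comment "Substitution content for any {{ }} markers." presumably means "Substitute content for any {{ }} markers." One behavioural edge to confirm: a whitespace-only marker such as `{{   }}` now yields an empty `term` after `trim()`, whereas the old capture was a single space, so a `data` key of `""` versus `" "` would resolve differently.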

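Shown here as an added example, not ESLint's own code and not part of this commit: the old and new regexes from the hunk side by side in a small script, with a constructed input (`{{` followed by a long run of spaces and no closing `}}`) that triggers the quadratic backtracking the commit message describes, plus a few benign templates on which both versions must agree. The `interpolateOld`/`interpolateNew` names, the `hostileInput`, `timeMs` and `benignCases` helpers, and the assumption that a marker whose term is missing from `data` is returned verbatim are mine; the diff cuts off before that branch.

```javascript
// Added example, not ESLint's own code: the pre-fix and post-fix regexes from
// lib/util/interpolate.js side by side, plus a constructed input that makes
// the old pattern backtrack quadratically.

// Old pattern: `\s*` and `[^{}]+?` both accept whitespace, so when no closing
// `}}` exists the engine tries every split of the whitespace run between them.
const OLD_RE = /\{\{\s*([^{}]+?)\s*\}\}/g;

// New pattern: a single interior class; whitespace is stripped in the callback.
const NEW_RE = /\{\{([^{}]+?)\}\}/g;

// Assumption: a marker whose term is absent from `data` is left verbatim
// (the diff cuts off before that branch of the original function).
function interpolateOld(text, data) {
  if (!data) return text;
  return text.replace(OLD_RE, (fullMatch, term) =>
    (term in data ? data[term] : fullMatch));
}

function interpolateNew(text, data) {
  if (!data) return text;
  return text.replace(NEW_RE, (fullMatch, termWithWhitespace) => {
    const term = termWithWhitespace.trim();
    return term in data ? data[term] : fullMatch;
  });
}

// Constructed hostile input: an opening `{{` followed by n spaces and never a
// closing `}}`. Neither pattern can match, but the old one tries O(n^2) ways
// of splitting the spaces before giving up at position 0.
function hostileInput(n) {
  return "{{" + " ".repeat(n);
}

// Wall-clock milliseconds for one interpolate call over `text`.
function timeMs(interpolate, text) {
  const start = Date.now();
  interpolate(text, { x: "y" });
  return Date.now() - start;
}

// Benign templates (constructed): both versions must agree on every one.
// Returns [template, oldResult, newResult] triples.
function benignCases() {
  const data = { name: "eslint", rule: "no-unused-vars" };
  const templates = [
    "Rule {{ rule }} reported by {{name}}.",
    "Missing {{ nope }} stays verbatim.",
    "Whitespace-only {{   }} stays verbatim.",
    "Nested {{ {{ rule }} }} resolves the inner marker only.",
  ];
  return templates.map((t) => [t, interpolateOld(t, data), interpolateNew(t, data)]);
}

const N = 10000; // raise to 50000 to watch the old pattern take seconds
console.log(`old pattern, ${N} spaces: ${timeMs(interpolateOld, hostileInput(N))} ms`);
console.log(`new pattern, ${N} spaces: ${timeMs(interpolateNew, hostileInput(N))} ms`);
for (const [t, oldResult, newResult] of benignCases()) {
  console.log(`${oldResult === newResult ? "same" : "DIFF"}  ${t} -> ${newResult}`);
}
```

Run it with `node`. At 10000 spaces the old pattern already takes visibly longer, and its cost grows with the square of the run length while the new pattern stays flat. Timings are wall-clock and vary by machine, which is why a regression test should assert on the functional results (unchanged output for the hostile input, identical output for benign templates) rather than on elapsed time.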
1 comment on commit f6901d0

@WilliamMajanja-zz

Autobashing with Opensource AI bots