From ac1a03d17b87b7d5c66e2d7e957f226f8ea21c4e Mon Sep 17 00:00:00 2001
From: shortcutme
Date: Sat, 15 Jul 2017 01:30:53 +0200
Subject: [PATCH] Don't allow more than 10 repetitions in one pattern
---
 src/util/SafeRe.py | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/util/SafeRe.py b/src/util/SafeRe.py
index 4c104f4f..1caa61a0 100644
--- a/src/util/SafeRe.py
+++ b/src/util/SafeRe.py
@@ -14,6 +14,11 @@ def isSafePattern(pattern):
 unsafe_pattern_match = re.search("[^\.][\*\{\+]", pattern) # Always should be "." before "*{+" characters to avoid ReDoS
 if unsafe_pattern_match:
 raise UnsafePatternError("Potentially unsafe part of the pattern: %s" % unsafe_pattern_match.group(0))
+
+ repetitions = re.findall("\.[\*\{\+]", pattern)
+ if len(repetitions) >= 10:
+ raise UnsafePatternError("More than 10 repetitions of %s" % repetitions[0])
+
 return True
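Review bot: The new guard `len(repetitions) >= 10` rejects a pattern with exactly ten `.`-quantifiers, while its error message and the commit subject both say that only more than ten are refused; either compare with `> 10` or reword the message to `"10 or more repetitions of %s"`. The pattern literal `"\.[\*\{\+]"` depends on Python passing unknown backslash escapes through unchanged, so a raw string, `r"\.[\*\{\+]"`, states the same regex without that dependence (the existing `re.search` literal in the context line has the same form). The count limits how many `.*`/`.+`/`.{` occur in a pattern but says nothing about the length of the text it is matched against, and several such quantifiers in sequence can still backtrack heavily on long input; a comment such as `# target length must be bounded by the caller` would record that assumption, which cannot be confirmed from this hunk. `isSafePattern` begins before the hunk, so earlier checks in it are not visible here.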