oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Detect potentionally unsafe regex patterns

Browse source
This commit is contained in:
shortcutme 2017-07-14 10:31:42 +02:00
parent 3f5a5b4f9b
commit bf41c7b651
No known key found for this signature in database
GPG key ID: 5B63BAE6CB9613AE
1 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/util/SafeRe.py Normal file
View file

@ -0,0 +1,20 @@
import re
class UnsafePatternError(Exception):
pass
def isSafePattern(pattern):
if len(pattern) > 255:
raise UnsafePatternError("Pattern too long: %s characters" % len(pattern))
unsafe_pattern_match = re.search("[^\.][\*\{\+]", pattern) # Always should be "." before "*{+" characters to avoid ReDoS
if unsafe_pattern_match:
raise UnsafePatternError("Potentially unsafe part of the pattern: %s" % unsafe_pattern_match.group(0))
return True
def match(pattern, *args, **kwargs):
if isSafePattern(pattern):
return re.match(pattern, *args, **kwargs)