Message385974
Hi,
I find that this regex '(?:^|,)[ \t]*([^ \t]+)[ \t]+' may get stuck on certain input.
The vulnerable regex is located in https://github.com/python/cpython/blob/5c5a938573ce665f00e362c7766912d9b3f3b44e/Lib/urllib/request.py#L946
The ReDoS vulnerability of the regex is mainly due to the sub-pattern ',([^ \t]+)' and can be exploited with the following string
attack_str = "," * 10000
You can execute redos_python.py to reproduce the ReDoS vulnerability.
I am willing to suggest that you replace '(?:^|,)[ \t]*([^ \t]+)[ \t]+' with '(?:^|,)[ \t]*([^ \t,]+)[ \t]+'
Looking forward to your response!
Best,
Yeting Li
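To check the proposed fix from the maintainer's side, here is an added example (not part of the report or of CPython) that compiles the quoted prefix and its replacement, confirms both extract the same scheme/realm pairs from legitimate WWW-Authenticate values, and times a search over the comma string the report names. The trailing realm= part of the pattern is assumed here to mirror the real AbstractBasicAuthHandler pattern; the sample header values are constructed.

```python
import re
import time

# Prefix quoted in the report (vulnerable) and the replacement it proposes.
VULNERABLE_PREFIX = r'(?:^|,)[ \t]*([^ \t]+)[ \t]+'
HARDENED_PREFIX = r'(?:^|,)[ \t]*([^ \t,]+)[ \t]+'

# Rest of the pattern, assumed to match urllib.request's AbstractBasicAuthHandler
# (the report quotes only the prefix). Group 1 = scheme, 2 = quote, 3 = realm.
REALM_SUFFIX = r'realm=(["\']?)([^"\']*)\2'

VULNERABLE_RX = re.compile(VULNERABLE_PREFIX + REALM_SUFFIX, re.I)
HARDENED_RX = re.compile(HARDENED_PREFIX + REALM_SUFFIX, re.I)


def parse_challenges(rx, header):
    """Return the (scheme, realm) pairs rx extracts from a WWW-Authenticate value."""
    return [(m.group(1), m.group(3)) for m in rx.finditer(header)]


def search_seconds(rx, text):
    """Wall-clock seconds for one rx.search() over text."""
    start = time.perf_counter()
    rx.search(text)
    return time.perf_counter() - start


# Constructed header values: both patterns must agree on legitimate input,
# which is the property the fix has to preserve.
SAMPLE_HEADERS = [
    'Basic realm="WallyWorld"',
    "Digest realm='api', Basic realm=legacy",
    'Bearer realm="x", error="invalid_token"',
]

if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        assert parse_challenges(VULNERABLE_RX, h) == parse_challenges(HARDENED_RX, h)
        print(h, "->", parse_challenges(HARDENED_RX, h))
    # On a run of commas the old `[^ \t]+` swallows the commas, so for each of
    # the n candidate starting commas the engine retries every shorter length
    # before `[ \t]+` fails: O(n^2) work. `[^ \t,]+` cannot consume a comma, so
    # every start position is rejected after one step.
    for n in (1000, 2000, 4000):
        print(n, round(search_seconds(VULNERABLE_RX, "," * n), 3),
              round(search_seconds(HARDENED_RX, "," * n), 3))
```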
Date | User | Action | Args
2021-01-30 08:11:46 | yetingli | set | recipients: + yetingli
2021-01-30 08:11:46 | yetingli | set | messageid: <1611994306.46.0.333529770265.issue43075@roundup.psfhosted.org>
2021-01-30 08:11:46 | yetingli | link | issue43075 messages
2021-01-30 08:11:46 | yetingli | create |