Skip to content

Commit

Permalink
Adding changes from PR 763
Browse files Browse the repository at this point in the history
  • Loading branch information
@arp-0984
arp-0984 committed May 9, 2024
1 parent ed76e7c commit 1b7c662
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
5 changes: 3 additions & 2 deletions src/main/java/emissary/util/FlexibleDateTimeParser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ public final class FlexibleDateTimeParser {
* Remove other junk -- anything in an html tag, all parenthesis and quotes, and any non-word characters at the
* beginning or end
*/
private static final Pattern REMOVE = Pattern.compile("<.+?>|=0D$|\\(|\\)|\"|\\[|]|\\W+$|^\\W+", Pattern.DOTALL);
private static final Pattern REMOVE = Pattern.compile("<.+?>$|=0D$|\\(|\\)|\"|\\[|]|\\W+$|^\\W+", Pattern.DOTALL);

private static final Pattern PHT_REPLACE = Pattern.compile("PHT");
private static final String PT_TIMEZONE = "PT";
Expand Down Expand Up @@ -264,7 +264,8 @@ private static String cleanDateString(final String date) {
return date;
}

String cleanedDateString = date;
// date strings over 100 characters are more than likely invalid
String cleanedDateString = StringUtils.substring(date, 0, 100);
cleanedDateString = REPLACE.matcher(cleanedDateString).replaceAll(SPACE);
cleanedDateString = REMOVE.matcher(cleanedDateString).replaceAll(EMPTY);

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on a
user-provided value
Loading
may run slow on strings starting with '<' and with many repetitions of '<'.
This
regular expression
Loading
that depends on a
user-provided value
Loading
may run slow on strings with many repetitions of ' '.

Expand Down
5 changes: 3 additions & 2 deletions src/test/java/emissary/util/FlexibleDateTimeParserTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import emissary.test.core.junit5.UnitTest;

import org.apache.commons.lang3.RandomStringUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
Expand Down Expand Up @@ -622,15 +623,14 @@ void parse_yyyy_DDD() {
@Test
void testCleanDateString() {
test("2016-01-04 18:20<br>", EXPECTED_NO_SECS, "HTML");
test("2016-01-04 18:20<br>br>", EXPECTED_NO_SECS, "HTML");
test("2016-01-04\t\t18:20", EXPECTED_NO_SECS, "TABS");
test("2016-01-04 18:20", EXPECTED_NO_SECS, "SPACES");
test("2016-01-04 18:20=0D", EXPECTED_NO_SECS, "qp'ified ending");
test("$$2016-01-04 18:20:00$$", EXPECTED_NO_SECS, "Extra characters at the beginning and end");
test("2016-01-04 (18:20:00)", EXPECTED_NO_SECS, "Extra parenthesis");
test("2016-01-04 18:20:00 [GMT]", EXPECTED_NO_SECS, "Extra brackets");
test("\"Mon\", 4 Jan 2016 18:20 +0000 \"EST\"", EXPECTED_NO_SECS, "Extra quotes");
test("2016-01-04 18:20:00 +0000.1234", EXPECTED_NO_SECS, "");
test("2016-01-04 18:20:00", EXPECTED_NO_SECS, "");
}

@Test
Expand All @@ -641,5 +641,6 @@ void testBad() {
assertNull(FlexibleDateTimeParser.parse("1234", Collections.singletonList(null)));
test("17.Mar.2016", 0L, "UNKNOWN");
test("Mon, 2 Feb 2017 06:20:30 PM +0000", 0L, "UNKNOWN");
test("2016:01:04 18:20:30 GMT+0000<" + RandomStringUtils.randomAlphanumeric(75) + ">", 0L, "UNKNOWN");
}
}

0 comments on commit 1b7c662

Please sign in to comment.