Fix vulnerable regexp in rules 933161, 933180 and 933160 #1362

Open · wants to merge 1 commit into base: v3.2/dev
Conversation (2 participants)

@s0md3v commented Apr 16, 2019

  • Use ? (optional match operator) instead of * (0 to infinity operator)
  • Fixed .* matching the next desired token
  • Resolved remote intersecting patterns
  • Fixes #1356, Fixes #1357, Fixes #1358
Mitigate Multiple ReDoS Vulnerabilities
- Use `?` (optional match operator) instead of `*` (0 to infinity operator)
- Fixed `.*` matching the next desired token
- Resolved remote intersecting patterns
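The second bullet (a `.*` that is also able to consume the very token the pattern wants next) is the part of this change that is easiest to misjudge by eye, so here is an added illustration that is not code from this PR or from the CRS project. It uses a constructed toy backtracking matcher that counts how many times it re-enters the matcher, something a production engine such as PCRE does not expose, and two constructed patterns (`VULNERABLE` and `HARDENED`) that stand in for the rule regexps; the real 933xxx patterns are not reproduced here. The hardened form replaces each `.*` with a class that excludes the next wanted token, so a hostile run of that token is rejected in a fixed number of steps instead of a cubic one, while both forms still accept the same well-formed input.

```python
"""Toy backtracking matcher with a step counter (constructed example, not PCRE)."""


def _tokenize(pattern):
    """Split a pattern into (kind, value, quantifier) tokens.

    Supported mini-syntax (an assumption of this example): literal characters,
    '.', character classes [abc] / [^abc], and the postfix quantifiers '*' and '?'.
    """
    tokens = []
    i = 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == '[':
            j = pattern.index(']', i)
            body = pattern[i + 1:j]
            negate = body.startswith('^')
            token = ('class', (set(body[1:] if negate else body), negate))
            i = j + 1
        elif ch == '.':
            token = ('any', None)
            i += 1
        else:
            token = ('lit', ch)
            i += 1
        quant = None
        if i < len(pattern) and pattern[i] in '*?':
            quant = pattern[i]
            i += 1
        tokens.append(token + (quant,))
    return tokens


def count_steps(pattern, text):
    """Full-match `text` against `pattern` with naive backtracking.

    Returns (matched, number_of_matcher_calls); the call count is the
    backtracking work a real engine would also have to do for this shape.
    """
    tokens = _tokenize(pattern)
    steps = 0

    def accepts(token, pos):
        if pos >= len(text):
            return False
        kind, value, _ = token
        if kind == 'any':
            return True
        if kind == 'lit':
            return text[pos] == value
        chars, negate = value
        return (text[pos] in chars) != negate

    def match(ti, si):
        nonlocal steps
        steps += 1
        if ti == len(tokens):
            return si == len(text)
        token = tokens[ti]
        quant = token[2]
        if quant is None:
            return accepts(token, si) and match(ti + 1, si + 1)
        if quant == '?':
            return (accepts(token, si) and match(ti + 1, si + 1)) or match(ti + 1, si)
        # '*' is greedy: consume as much as possible, then give back one char at a time.
        end = si
        while accepts(token, end):
            end += 1
        return any(match(ti + 1, pos) for pos in range(end, si - 1, -1))

    return match(0, 0), steps


# Constructed stand-ins for a rule regexp (not the CRS patterns). In the
# vulnerable form every `.*` may also swallow '=', so on a run of '=' with no
# trailing '!' the matcher tries every way of splitting the run before failing.
# The hardened form excludes the next wanted token from each repetition, so
# each `[^=]*` has exactly one place to stop.
VULNERABLE = '.*=.*=.*!'
HARDENED = '[^=]*=[^=]*=[^=]*!'


def compare(n):
    """Matcher calls each pattern spends rejecting a hostile input of n '=' chars."""
    hostile = '=' * n
    (_, slow), (_, fast) = count_steps(VULNERABLE, hostile), count_steps(HARDENED, hostile)
    return slow, fast


if __name__ == '__main__':
    # Well-formed input is accepted by both forms; the fix does not change that.
    print(count_steps(VULNERABLE, 'a=b=c!')[0], count_steps(HARDENED, 'a=b=c!')[0])
    for n in (12, 24, 48):
        slow, fast = compare(n)
        print(f"n={n:2d}  vulnerable={slow:6d} calls  hardened={fast} calls")
```

Doubling `n` roughly multiplies the vulnerable count by eight (three stacked `.*` give cubic growth) while the hardened count stays constant; the same reasoning is why the description's third bullet, overlapping ("intersecting") alternatives, matters, since overlap is what gives the engine more than one way to split the input. A regression suite like `CRS_Tests.py` above checks that the rewritten pattern still matches what it should; a step or time budget on a hostile input like this is the complementary check that it no longer backtracks.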
@fgsch (Collaborator) commented Apr 16, 2019
Same here as my other comments:

  1. Can you reproduce this with ModSecurity?
  2. These regexps are generated (see comments).
@fgsch (Collaborator) commented Apr 26, 2019
Tests are failing:

util/regression-tests/CRS_Tests.py::test_crs[ruleset333-933180.yaml -- 933180-8] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset343-933180.yaml -- 933180-18] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset344-933180.yaml -- 933180-19] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset345-933180.yaml -- 933180-20] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset349-933180.yaml -- 933180-24] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset351-933180.yaml -- 933180-26] FAILED
util/regression-tests/CRS_Tests.py::test_crs[ruleset352-933180.yaml -- 933180-27] FAILED

fgsch changed the title "Mitigate Multple ReDOS Vulnerabilities" to "Fix vulnerable regexp ins rules 933161, 933180 and 933160" on Apr 29, 2019

fgsch changed the title "Fix vulnerable regexp ins rules 933161, 933180 and 933160" to "Fix vulnerable regexp in rules 933161, 933180 and 933160" on Apr 29, 2019
