Issue 8012: Regular Expression DoS #8013

Merged: 1 commit, Apr 19, 2016


simonlindholm (Member) commented Apr 19, 2016 (edited)

Fixes #8012.

janodvarko commented on the diff Apr 19, 2016, extension/content/firebug/lib/url.js:
@@ -417,7 +417,7 @@ Url.normalizeURL = function(url)
// Normalize path traversals (a/b/../c -> a/c).
while (url.indexOf("/../") !== -1 && url[0] != "/")
- url = url.replace(/[^\/]+\/\.\.\//g, "");
+ url = url.replace(/[^\/]+\/+\.\.\//g, "");
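Review bot: the `while` at the top of this hunk still terminates only because the new regex consumes every `/../` that the loop condition can see, so the regex and the condition must stay in lockstep; a cheaper guarantee against a regression of #8012 is to stop when a pass makes no progress, e.g. `var prev = url; url = url.replace(/[^\/]+\/+\.\.\//g, ""); if (url === prev) break;`. A regression test with an empty segment before `..` (the `//../` shape) would also be worth adding, since the old single-slash `\/` could never match that input while `indexOf("/../")` kept returning true, which is exactly the hang.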
janodvarko (Member) commented Apr 19, 2016

Thanks for the quick patch!

I am getting: http://prevenity.com/test
From: http://prevenity.com/?falsevariable=test;//;../../../test
While better would probably be: http://prevenity.com/

But, the original infinite loop is gone and that's what the report is about.
Honza

janodvarko merged commit f0ff986 into firebug:master Apr 19, 2016