Fix ReDOS vulnerability

Fixes #548, with the workaround suggested by @yetingli.
mpmath · Feb 10, 2021 · c811b37 · c811b37
1 parent c6a35f9
commit c811b37
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/mpmath/ctx_mp.py b/mpmath/ctx_mp.py
@@ -42,8 +42,8 @@
 
 new = object.__new__
 
-get_complex = re.compile(r'^\(?(?P<re>[\+\-]?\d*\.?\d*(e[\+\-]?\d+)?)??'
-                         r'(?P<im>[\+\-]?\d*\.?\d*(e[\+\-]?\d+)?j)?\)?$')
+get_complex = re.compile(r'^\(?(?P<re>[\+\-]?\d*(\.\d*)?(e[\+\-]?\d+)?)??'
+                         r'(?P<im>[\+\-]?\d*(\.\d*)?(e[\+\-]?\d+)?j)?\)?$')
 
 if BACKEND == 'sage':
     from sage.libs.mpmath.ext_main import Context as BaseMPContext

diff --git a/mpmath/tests/test_convert.py b/mpmath/tests/test_convert.py
@@ -194,6 +194,16 @@ def test_mpmathify():
     assert mpmathify('(1.2e-10 - 3.4e5j)') == mpc('1.2e-10', '-3.4e5')
     assert mpmathify('1j') == mpc(1j)
 
+def test_issue548():
+    try:
+        # This expression is invalid, but may trigger the ReDOS vulnerability
+        # in the regular expression.
+        mpmathify('(' + '1' * 5000 + '!j')
+    except:
+        return
+    # The expression is invalid and should raise an exception.
+    assert False
+
 def test_compatibility():
     try:
         import numpy as np