
fix vulnerable pattern in trim http://stackstatus.net/post/1477106246…

leafo committed Jul 21, 2016
1 parent 642041f commit 4a58f5c12582796b3c7e0ad784630fc6be56b92d
Showing with 18 additions and 2 deletions.
  1. +6 −1 lapis/util.lua
  2. +7 −1 lapis/util.moon
  3. +5 −0 spec/util_spec.moon
@@ -167,7 +167,12 @@ uniquify = function(list)
end)()
end
trim = function(str)
return tostring(str):match("^%s*(.-)%s*$")
str = tostring(str)
if #str > 200 then
return str:gsub("^%s+", ""):reverse():gsub("^%s+", ""):reverse()
else
return str:match("^%s*(.-)%s*$")
end
end
trim_all = function(tbl)
for k, v in pairs(tbl) do
@@ -102,7 +102,13 @@ uniquify = (list) ->
seen[item] = true
item
trim = (str) -> tostring(str)\match "^%s*(.-)%s*$"
trim = (str) ->
str = tostring str
if #str > 200
str\gsub("^%s+", "")\reverse()\gsub("^%s+", "")\reverse()
else
str\match "^%s*(.-)%s*$"
trim_all = (tbl) ->
for k,v in pairs tbl
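Review bot: The `#str > 200` cutoff and the double `reverse()` in the new `trim` carry no comment, so the reason for two code paths is only recoverable from the commit title. The lazy `(.-)%s*$` pattern kept in the `else` branch rescans a whitespace run once per position, which is quadratic on input with a long interior run, and the length cap is the only thing bounding that cost; a later edit that raises the cap or merges the branches would quietly bring the problem back. I would add above the `if` something like `-- (.-)%s*$ backtracks quadratically on long whitespace runs; above 200 bytes strip each end with an anchored gsub instead`. It is also worth stating there that `#str` is a byte length, which is fine as a cost bound. `trim_all` below continues outside the hunk.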
@@ -249,6 +249,11 @@ tests = {
"blah blah"
}
{
-> util.trim " hello#{" "\rep 20000}world "
"hello#{" "\rep 20000}world"
}
{
-> util.trim_filter {
" ", " thing ",
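Review bot: The added case only exercises a long whitespace run in the middle of the string, and it asserts the result with no bound on run time, so the previous single-`match` implementation would most likely also pass it, only slowly. The over-200-byte branch is not checked against long leading or trailing whitespace or an all-whitespace input, which are the inputs where the `gsub`/`reverse` path and the `match` path could diverge. I would add entries such as `-> util.trim "#{" "\rep 300}hello#{" "\rep 300}"` expecting `"hello"` and `-> util.trim " "\rep 300` expecting `""`, plus inputs of exactly 200 and 201 bytes to pin the boundary. The `tests` table starts and continues outside this hunk.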
