Regular Expression DoS vulnerabilities in plugins/importers/dart.py

[yinxiL]

We are working on the ReDoS problem and detected a vulnerable regex from your code.

^\s*([\w_]+\s*)+\( in link takes forever to match the string
"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000\b"
We suggest you change the structure ([\w_]+\s*)+, to [\w_][\w_\s]*.

We didn’t create a pull request because we're not sure if this case is possible to take place in your program, we also do not understand the functionality of the regex as you do. Thank you for your understanding.

[edreamleo]

@IncyLiu Thanks for this report. The things we never dream of...

@vitalije Thanks for the fix.

[abergmann]

CVE-2020-23478 was assigned to this issue.

[edreamleo]

@abergmann Thanks for this update.

I fail to understand why this is a problem.

In order to execute the supposedly problematic regex, the "attacker" would have to get Leo to import a dart file. If the attacker can do that, they could just as easily wipe the hard drive.