You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are working on the ReDoS problem and detected a vulnerable regex from your code.
^\s*([\w_]+\s*)+\( in link takes forever to match the string "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000\b"
We suggest you change the structure ([\w_]+\s*)+, to [\w_][\w_\s]*.
We didn’t create a pull request because we're not sure if this case is possible to take place in your program, we also do not understand the functionality of the regex as you do. Thank you for your understanding.
The text was updated successfully, but these errors were encountered:
In order to execute the supposedly problematic regex, the "attacker" would have to get Leo to import a dart file. If the attacker can do that, they could just as easily wipe the hard drive.
We are working on the ReDoS problem and detected a vulnerable regex from your code.
^\s*([\w_]+\s*)+\(
in link takes forever to match the string"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000\b"
We suggest you change the structure
([\w_]+\s*)+
, to[\w_][\w_\s]*
.We didn’t create a pull request because we're not sure if this case is possible to take place in your program, we also do not understand the functionality of the regex as you do. Thank you for your understanding.
The text was updated successfully, but these errors were encountered: