svnwc: fix regular expression vulnerable to DoS in blame functionality #257

Merged
merged 1 commit into from Sep 20, 2020
svnwc: fix regular expression vulnerable to DoS in blame functionality
The subpattern `\d+\s*\S+` is ambiguous which makes the pattern subject
to catastrophic backtracking given a string like `"1" * 5000`.

SVN blame output seems to always have at least one space between the
revision number and the user name, so the ambiguity can be fixed by
changing the `*` to `+`.

Fixes #256.
bluetech committed Sep 4, 2020
commit 4a9017dc6199d2a564b6e4b0aa39d6d8870e4144
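The ambiguity described in the commit message can be reproduced and the fix checked without a Subversion checkout. The following is an added example, not code from the pull request or from the py project: it carries both versions of `rex_blame`, a small `parse_blame` helper (hypothetical, not the project's own parser) applied to a constructed sample of blame output, and a timer that shows how match time grows for the old pattern on the digit-only input from the commit message while the tightened pattern rejects it immediately.

```python
import re
import time

# Pattern before the commit: `\d+\s*\S+` lets the engine split a run of
# digits between the two groups in O(n) ways, and each split is retried
# because the literal space that follows never matches a digit.
REX_BLAME_VULNERABLE = re.compile(r'\s*(\d+)\s*(\S+) (.*)')
# Pattern after the commit: the mandatory whitespace separates the groups,
# so a digit can never belong to the author field and no retry is possible.
REX_BLAME_FIXED = re.compile(r'\s*(\d+)\s+(\S+) (.*)')

# Constructed sample of `svn blame` output (not real repository data).
# One space after the author is the separator; any further whitespace is
# the source line's own indentation and stays in the text field.
SAMPLE_BLAME = """\
   101   alice   import os
   101   alice   import sys
  2048   bob     def main():
  2048   bob         return 0
"""


def parse_blame(output, pattern=REX_BLAME_FIXED):
    """Parse blame lines into (revision, author, text) tuples.

    Lines the pattern rejects are skipped, mirroring a parser that only
    keeps well-formed blame records.
    """
    rows = []
    for line in output.splitlines():
        m = pattern.match(line)
        if m is None:
            continue
        rev, author, text = m.groups()
        rows.append((int(rev), author, text))
    return rows


def pathological_line(n):
    """The input from the commit message: a run of n digits and nothing else."""
    return "1" * n


def time_match(pattern, line):
    """Return (matched, seconds) for a single pattern.match() call."""
    start = time.perf_counter()
    matched = pattern.match(line) is not None
    return matched, time.perf_counter() - start


if __name__ == "__main__":
    for row in parse_blame(SAMPLE_BLAME):
        print(row)
    # The old pattern's cost grows quadratically with the digit count;
    # the fixed pattern fails after a single pass.
    for n in (1000, 2000, 4000):
        line = pathological_line(n)
        _, slow = time_match(REX_BLAME_VULNERABLE, line)
        _, fast = time_match(REX_BLAME_FIXED, line)
        print(f"n={n}: old pattern {slow:.3f}s, fixed pattern {fast:.6f}s")
```

Both patterns return identical groups for the well-formed sample, which is the property a regression test for this change should pin down alongside the timing on the digit-only input.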
2 changes: 1 addition & 1 deletion py/_path/svnwc.py
@@ -396,7 +396,7 @@ def makecmdoptions(self):
def __str__(self):
return "<SvnAuth username=%s ...>" %(self.username,)

rex_blame = re.compile(r'\s*(\d+)\s*(\S+) (.*)')
rex_blame = re.compile(r'\s*(\d+)\s+(\S+) (.*)')

class SvnWCCommandPath(common.PathBase):
""" path implementation offering access/modification to svn working copies.
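Review bot: the change from `\s*` to `\s+` between `(\d+)` and `(\S+)` removes the ambiguity, but the hunk adds no regression test; a test that feeds the `"1" * 5000` input from the commit message and one representative blame line to `rex_blame.match`, asserting that the first returns None promptly and the second yields the expected revision, author and text groups, would keep the pattern from regressing. The rationale that blame output always has at least one space between revision and author lives only in the commit message; a one-line comment above `rex_blame` stating that the whitespace is required would stop a future edit from reintroducing `\s*`.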