[New-bugs-announce] [issue41715] REDoS inc_analyzer
yeting li
report at bugs.python.org
Fri Sep 4 07:11:24 EDT 2020
New submission from yeting li <liyt at ios.ac.cn>:
Hi,
I find this regex "^([a-zA-Z]|_\w*[a-zA-Z]\w*|[a-zA-Z]\w*)$" may be stucked by input.
The vulnerable regex is located in
https://github.com/python/cpython/blob/54a66ade2067c373d31003ad260e1b7d14c81564/Tools/c-analyzer/c_analyzer/common/info.py#L12
The ReDOS vulnerability of the regex is mainly due to the sub-pattern \w*[a-zA-Z]\w*
and can be exploited with the following string
"_" + "a" * 5000 + "!"
I think you can limit the input length or fix this regex.
Looking forward for your response!
Best,
Yeting Li
----------
files: info.py
messages: 376355
nosy: yetingli
priority: normal
severity: normal
status: open
title: REDoS inc_analyzer
Added file: https://bugs.python.org/file49445/info.py
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue41715>
_______________________________________
More information about the New-bugs-announce
mailing list