Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Trivial RegExp DoS (leading spaces) #598

Open
jasisk opened this issue Aug 12, 2024 · 3 comments
Open

Trivial RegExp DoS (leading spaces) #598

jasisk opened this issue Aug 12, 2024 · 3 comments

Comments

@jasisk
Copy link

jasisk commented Aug 12, 2024

The code block regex allows for a DoS. Can be reproduced with ~100 spaces.

Reproduction in regex debugger.

Reproduce in the playground:

text
                                                                                                                                                      
text
@narcis-fv
Copy link

This is a serious issue, I've been seeing it as well. Any workaround @jasisk until this gets answered?

@narcis-fv
Copy link

I've been removing the leading whitespace, using a regex:

const sanitizedString = inputString.replace(/\s+/g, " ");

@BLamy
Copy link

BLamy commented Nov 14, 2024
edited
Loading

Also had the same problem. I've been using.

const sanitizedString = inputString.replace(/^ *$/gm, '\n')

This will replace lines that have just spaces on it with a new line

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jasisk @BLamy @narcis-fv