A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/django/django/commit/d17974a287a6ea2e361daff88fcc004cbd6835fa below:

[1.8.x] Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in dja… · django/django@d17974a · GitHub

File tree Expand file treeCollapse file tree 3 files changed

+17

-1

lines changed

Filter options

Expand file treeCollapse file tree 3 files changed

+17

-1

lines changed Original file line number Diff line number Diff line change

@@ -27,7 +27,7 @@

 27 27

# Set up regular expressions

 28 28

re_words = re.compile(r'<.*?>|((?:\w[-\w]*|&.*?;)+)', re.U | re.S)

 29 29

re_chars = re.compile(r'<.*?>|(.)', re.U | re.S)

 30 -

re_tag = re.compile(r'<(/)?([^ ]+?)(?:(\s*/)| .*?)?>', re.S)

 30 +

re_tag = re.compile(r'<(/)?(\S+?)(?:(\s*/)|\s.*?)?>', re.S)

 31 31

re_newlines = re.compile(r'\r\n|\r') # Used in normalize_newlines

 32 32

re_camel_case = re.compile(r'(((?<=[a-z])[A-Z])|([A-Z](?![A-Z]|$)))')

 33 33 Original file line number Diff line number Diff line change

@@ -16,3 +16,15 @@ expression. The ``urlize()`` function is used to implement the ``urlize`` and

 16 16 17 17

The problematic regular expression is replaced with parsing logic that behaves

 18 18

similarly.

 19 + 20 +

CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html`` and ``truncatewords_html`` template filters

 21 +

==================================================================================================================

 22 + 23 +

If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were

 24 +

passed the ``html=True`` argument, they were extremely slow to evaluate certain

 25 +

inputs due to a catastrophic backtracking vulnerability in a regular

 26 +

expression. The ``chars()`` and ``words()`` methods are used to implement the

 27 +

``truncatechars_html`` and ``truncatewords_html`` template filters, which were

 28 +

thus vulnerable.

 29 + 30 +

The backtracking problem in the regular expression is fixed.

 Original file line number Diff line number Diff line change

@@ -144,6 +144,10 @@ def test_truncate_html_words(self):

 144 144

self.assertEqual('<p>I &lt;3 python...</p>',

 145 145

truncator.words(3, '...', html=True))

 146 146 147 +

re_tag_catastrophic_test = ('</a' + '\t' * 50000) + '//>'

 148 +

truncator = text.Truncator(re_tag_catastrophic_test)

 149 +

self.assertEqual(re_tag_catastrophic_test, truncator.words(500, html=True))

 150 + 147 151

def test_wrap(self):

 148 152

digits = '1234 67 9'

 149 153

self.assertEqual(text.wrap(digits, 100), '1234 67 9')

You can’t perform that action at this time.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4