github/AutoGPT
1
1
Fork 0
mirror of https://github.com/Significant-Gravitas/AutoGPT.git synced 2026-04-08 03:00:28 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix(backend/store): bound split_camelcase input to prevent ReDoS

Browse Source 
Add a 500-character input length limit to split_camelcase() to address
CodeQL polynomial regex warning on uncontrolled data.
This commit is contained in:
Zamil Majdy
2026-03-13 18:18:48 +07:00
parent 73e1a5e76d
commit a662dc1680
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
autogpt_platform/backend/backend/api/features/store/text_utils.py
View File

@@ -13,6 +13,7 @@ def split_camelcase(text: str) -> str:
>>> split_camelcase("HTTPRequestBlock")
'HTTP Request Block'
"""
text = text[:500] # Bound input length to prevent regex DoS
text = re.sub(r"([a-z0-9])([A-Z])", r"\1 \2", text)
text = re.sub(r"([A-Z]+)([A-Z][a-z])", r"\1 \2", text)
return text