Merge pull request #8949 from sebakerckhof/fix/ejsondos

Cut off regex flags in ejson parser to avoid abuse
Jesse Rosenberger
2017-07-27 19:40:00 +03:00
committed by GitHub


@@ -105,8 +105,11 @@ var builtinConverters = [
return { $regexp: regexp.source, $flags: regexp.flags };
},
fromJSONValue: function (obj) {
//replaces duplicate / invalid flags
return new RegExp(obj.$regexp, obj.$flags.replace(/[^gimuy]/g,'').replace(/(.)(?=.*\1)/g, ''));
// replaces duplicate / invalid flags
// cut of flags to 50 chars to avoid abusing regex for DOS
return new RegExp(obj.$regexp, obj.$flags.substr(0, 50)
.replace(/[^gimuy]/g,'')
.replace(/(.)(?=.*\1)/g, ''));
}
},
{ // NaN, Inf, -Inf. (These are the only objects with typeof !== 'object'
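Review bot: The 50-character cap in `fromJSONValue` bounds only `$flags`, and the backtracking dedupe `/(.)(?=.*\1)/g` it protects is not needed at all. Selecting from the five allowed flags is linear in the input and needs no magic length: `var flags = 'gimuy'.split('').filter(function (f) { return obj.$flags.indexOf(f) !== -1; }).join('');` followed by `return new RegExp(obj.$regexp, flags);`. Both the committed `.substr(0, 50)` and this variant assume `obj.$flags` is a string, so unless the matcher outside this hunk guarantees that, a `typeof obj.$flags === 'string'` guard is needed to keep a malformed value from throwing a TypeError out of the parser. Separately, `obj.$regexp` still reaches `new RegExp` with no length or validity check, so I would add a comment such as `// NOTE: pattern source is untrusted; an invalid pattern throws and its complexity is not limited here`. The converter entry this function belongs to starts above the hunk.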