Hi,
The ReDoS example uses two regular expressions which are missing start and end anchors (NodeGoat/app/routes/profile.js, lines 58 to 59 in e2dffdb):

```js
// const regexPattern = /([0-9]+)\#/;
const regexPattern = /([0-9]+)+\#/;
```
These regular expressions accept values such as evil123#evil.
How about:
1/ fixing these two regular expressions like this:
```js
// const regexPattern = /^[0-9]+\#$/;
const regexPattern = /^([0-9]+)+\#$/;
```
2/ adding another regular expression somewhere which creates a vulnerability due to the missing anchors. This would be a good opportunity to explain CWE-777: Regular Expression without Anchors, which is quite easy to miss in JavaScript.
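To make the CWE-777 point concrete, here is an added example (not NodeGoat's code, and not part of the issue above) that runs the two unanchored patterns quoted in the issue and the two anchored patterns from the proposed fix over a handful of constructed inputs. It shows why `evil123#evil` passes the original check: `RegExp.prototype.test()` succeeds on a match anywhere in the string, so without `^` and `$` any surrounding text is accepted. The nested quantifier `([0-9]+)+` is kept exactly as in the issue, since that is the ReDoS pattern the example exists to demonstrate; anchoring changes what the pattern accepts, not its backtracking behaviour. The `looksUnanchored` helper and the sample inputs are assumptions of this example.

```javascript
// Added example, not NodeGoat's own code. Demonstrates CWE-777 (regular
// expression without anchors) on the patterns quoted in the issue.

const PATTERNS = {
  // as quoted in the issue (no anchors): test() matches a substring anywhere
  unanchoredSimple: /([0-9]+)\#/,
  unanchoredNested: /([0-9]+)+\#/,
  // as in the proposed fix: the whole input must be digits followed by "#"
  anchoredSimple: /^[0-9]+\#$/,
  anchoredNested: /^([0-9]+)+\#$/,
};

// Constructed inputs: one well-formed value, the issue's "evil123#evil",
// junk on one side only, and two degenerate strings.
const SAMPLES = ['123#', 'evil123#evil', 'abc123#', '123#abc', '#', ''];

// Whether `pattern` accepts `value` the way a validator would use it.
// None of the patterns carry the g or y flag, so test() is stateless
// (no lastIndex carried over between calls).
function accepts(pattern, value) {
  return pattern.test(value);
}

// For each named pattern, the subset of SAMPLES it accepts.
function acceptedSamples() {
  const result = {};
  for (const [name, pattern] of Object.entries(PATTERNS)) {
    result[name] = SAMPLES.filter((s) => accepts(pattern, s));
  }
  return result;
}

// Cheap review-time check for validation regexes (an assumption of this
// example, not a full regex parser): a source that does not start with ^
// and end with $, or that sets the m flag (which turns ^/$ into line
// anchors), will match substrings of the input.
function looksUnanchored(pattern) {
  const src = pattern.source;
  const anchored = src.startsWith('^') && src.endsWith('$');
  return !anchored || pattern.flags.includes('m');
}

console.log(JSON.stringify(acceptedSamples(), null, 2));
// The unanchored patterns accept '123#', 'evil123#evil', 'abc123#', '123#abc';
// the anchored ones accept only '123#'.
```

Running this prints the accepted inputs per pattern; the only difference between the "simple" and "nested" variants is backtracking cost, which is why the issue's fix keeps `([0-9]+)+` for the ReDoS lesson while adding the anchors for the acceptance lesson. Note that in JavaScript `$` without the `m` flag matches only at the very end of the input (it does not ignore a trailing newline the way some other engines do), so the anchored forms are strict.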