Skip to content

security: fix unsafe heading regex #1224

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 16, 2018
Merged

security: fix unsafe heading regex #1224

merged 1 commit into from
Apr 16, 2018

Conversation

@davisjam
Copy link
Contributor

@davisjam davisjam commented Apr 16, 2018
edited
Loading

Problem:
REDOS could be triggered through exploitation of the 'heading' regex.

Solution:
Refactor regex. It matches the same language as before but
is less vulnerable to REDOS.
It is now safe using the bounds suggested by those disclosing it.
It remains super-linear but a successful exploit requires
a much longer attack string.

Fixes:
Issue disclosed privately.

Credit:
This issue was pointed out by
Nick Starke (@nstarke) and Adam Cazzolla (@atcazzual) of Sonatype Security research.

@davisjam
security: fix unsafe heading regex
f052a2c 
Problem:
REDOS could be triggered through exploitation of the 'heading' regex.

Solution:
Refactor regex. It matches the same language as before but
is less vulnerable to REDOS.
It is now safe using the bounds suggested by those disclosing it.
It remains super-linear but a successful exploit requires
a much longer attack string.

Fixes:
Issue disclosed privately.

Credit:
This issue was pointed out by
Nick Starke and Adam Cazzolla of Sonatype Security research.
@styfle styfle merged commit 09afabf into markedjs:master Apr 16, 2018
@styfle
Copy link
Member

styfle commented Apr 16, 2018

Thanks! 👍

This was referenced Apr 16, 2018
Merged
Closed
@snyk-bot snyk-bot mentioned this pull request Aug 19, 2019
Open
This was referenced Aug 30, 2019
Open
Open
@snyk-bot snyk-bot mentioned this pull request Sep 24, 2019
Open
This was referenced Oct 26, 2019
Open
Open
Open
Closed
Open
@snyk-bot snyk-bot mentioned this pull request Nov 4, 2019
Open
This was referenced Nov 18, 2019
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
This was referenced Mar 27, 2020
Open
Open
Open
Open
Open
Open
Open
Open
Open
This was referenced Apr 3, 2020
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
zhenalexfan pushed a commit to zhenalexfan/MarkdownHan that referenced this pull request Nov 8, 2021
@styfle
Merge pull request markedjs#1224 from davisjam/SonatypeReport
a8144e6 
security: fix unsafe heading regex
@snyk-bot snyk-bot mentioned this pull request Jan 18, 2022
Open
@CMaheshBL CMaheshBL mentioned this pull request May 6, 2022
Open
@cx-ronen-riesenfeld cx-ronen-riesenfeld mentioned this pull request May 20, 2022
Open
@cx-ronen-riesenfeld cx-ronen-riesenfeld mentioned this pull request Nov 28, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Dec 29, 2022
Open
@cx-ronen-riesenfeld cx-ronen-riesenfeld mentioned this pull request Jan 26, 2023
Open
@RobertMickleCx RobertMickleCx mentioned this pull request Mar 7, 2023
Open
@cx-ronen-riesenfeld cx-ronen-riesenfeld mentioned this pull request Mar 2, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@UziTech UziTech UziTech approved these changes

@styfle styfle styfle approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@davisjam @styfle @UziTech