Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service. #354

@jvigliotta

Describe the sustaining activity

src/persistence/BaseMCWSPersistenceProvider.js

import mcws from '../services/mcws/mcws';
import { createModelFromNamespaceDefinitionWithPersisted, interpolateUsername } from './utils';
const USERNAME_FROM_PATH_REGEX = new RegExp('.*/(.*?)$');
// Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service.

/**
 * An object defining a MCWS namespace.  Provides a unique identifier for a
 * MCWS namespace and all the information necessary to access it.
 *

AND

src/services/dataset/Dataset.js

    }
    return url;
  };
  Dataset.prototype.omitsDictionaryVersion = function (url) {
    return /\/.*Dictionary\/?$/.test(url);
    // Make sure the regex used here, which is vulnerable to super-linear runtime due to backtracking, cannot lead to denial of service.
  };
  /**
   * Returns the urlType
   * eg

Expected behavior

Testing Instructions
1.

Additional context
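
One way to remove the backtracking concern for both flagged patterns is to replace them with linear-time string operations and check that the results match the original regexes. This is an added example, not code from the issue or the project; `lastPathSegment`, `LINE_TERMINATOR`, `DICTIONARY_REGEX`, `SAMPLES`, `agreesWithOriginal` and the sample paths are assumptions made for illustration.

```javascript
// Original patterns copied from the issue, kept only for comparison.
const USERNAME_FROM_PATH_REGEX = new RegExp('.*/(.*?)$');
const DICTIONARY_REGEX = /\/.*Dictionary\/?$/;

// '.' never matches a line terminator, so the replacements reject them too.
const LINE_TERMINATOR = /[\n\r\u2028\u2029]/;

// Hypothetical helper: capture group 1 of USERNAME_FROM_PATH_REGEX, or null.
function lastPathSegment(path) {
  const slash = path.lastIndexOf('/');
  if (slash === -1) return null;
  const segment = path.slice(slash + 1);
  return LINE_TERMINATOR.test(segment) ? null : segment;
}

// Same boolean as DICTIONARY_REGEX.test(url), using linear string operations.
function omitsDictionaryVersion(url) {
  const s = url.endsWith('/') ? url.slice(0, -1) : url;
  if (!s.endsWith('Dictionary')) return false;
  const start = s.length - 'Dictionary'.length;
  if (start === 0) return false; // no room for the leading '/'
  const slash = s.lastIndexOf('/', start - 1);
  return slash !== -1 && !LINE_TERMINATOR.test(s.slice(slash + 1, start));
}

// Constructed sample inputs (not taken from the project).
const SAMPLES = [
  '', 'no-slash-here', '/mcws/namespaces/jdoe', '/a/b/', 'a/b\nc', 'a\nb/c',
  '/mcws/FooDictionary', '/mcws/FooDictionary/', '/mcws/FooDictionary/v1',
  'Dictionary', '/Dictionary', 'Dictionary/', '/a\nDictionary', '/x\n/yDictionary',
];

// True when both replacements agree with the original regexes on every sample.
function agreesWithOriginal() {
  return SAMPLES.every((s) => {
    const m = USERNAME_FROM_PATH_REGEX.exec(s);
    return (m ? m[1] : null) === lastPathSegment(s)
      && DICTIONARY_REGEX.test(s) === omitsDictionaryVersion(s);
  });
}

console.log('replacements agree with originals:', agreesWithOriginal());
```

The comparison runs only on short samples; the replacements themselves can be called on arbitrarily long input without regex backtracking.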
