actions/setup-php
1
0
Fork 0
mirror of https://github.com/shivammathur/setup-php.git synced 2025-07-31 18:57:17 +07:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential exponential backtracking in regex in utils.parseExtensionSource

Browse Source
This commit is contained in:
Shivam Mathur
2022-01-22 02:25:58 +05:30
parent 9ca9ab33ef
commit c38f1acc38
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dist/index.js vendored
View File

@ -1177,7 +1177,7 @@ async function customPackage(pkg, type, version, os_version) {
}
exports.customPackage = customPackage;
async function parseExtensionSource(extension, prefix) {
const regex = /(\w+)-(.+:\/\/.+(?:[.:].+)+\/)?([\w.-]+)\/([\w.-]+)@(.+)/;
const regex = /(\w+)-(\w+:\/\/.{1,253}(?:[.:][^:/\s]{2,63})+\/)?([\w.-]+)\/([\w.-]+)@(.+)/;
const matches = regex.exec(extension);
matches[2] = matches[2] ? matches[2].slice(0, -1) : 'https://github.com';
return await joins('\nadd_extension_from_source', ...matches.splice(1, matches.length), prefix);