Skip to content

Commit

Permalink
Security: Fix typeRefRe being vulnerable to ReDoS
Browse files Browse the repository at this point in the history
  • Loading branch information
dcodeIO committed Feb 26, 2018
1 parent b912005 commit 2ee1028
Show file tree
Hide file tree
Showing 10 changed files with 20 additions and 20 deletions.
4 changes: 2 additions & 2 deletions dist/light/protobuf.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions dist/light/protobuf.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions dist/minimal/protobuf.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions dist/minimal/protobuf.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions dist/protobuf.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/protobuf.js.map

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions dist/protobuf.min.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/protobuf.min.js.map

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "protobufjs",
"version": "6.8.5",
"version": "6.8.6",
"versionScheme": "~",
"description": "Protocol Buffers for JavaScript (& TypeScript).",
"author": "Daniel Wirtz <dcode+protobufjs@dcode.io>",
Expand Down
4 changes: 2 additions & 2 deletions src/parse.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ var base10Re = /^[1-9][0-9]*$/,
base8NegRe = /^-?0[0-7]+$/,
numberRe = /^(?![eE])[0-9]*(?:\.[0-9]*)?(?:[eE][+-]?[0-9]+)?$/,
nameRe = /^[a-zA-Z_][a-zA-Z_0-9]*$/,
typeRefRe = /^(?:\.?[a-zA-Z_][a-zA-Z_0-9]*)+$/,
fqTypeRefRe = /^(?:\.[a-zA-Z][a-zA-Z_0-9]*)+$/;
typeRefRe = /^(?:\.?[a-zA-Z_][a-zA-Z_0-9]*)(?:\.[a-zA-Z_][a-zA-Z_0-9]*)*$/,
fqTypeRefRe = /^(?:\.[a-zA-Z_][a-zA-Z_0-9]*)+$/;

/**
* Result object returned from {@link parse}.
Expand Down

0 comments on commit 2ee1028

Please sign in to comment.