From: Brian May <brian@linuxpenguins.xyz>
Date: Tue, 20 Mar 2018 17:35:19 +1100
Subject: Fix CVE-2018-7537 -- DOS in truncate*_html
This is a security fix.
---
django/utils/text.py | 2 +-
tests/utils_tests/test_text.py | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/django/utils/text.py b/django/utils/text.py
index 34535d6..b8302b7 100644
--- a/django/utils/text.py
+++ b/django/utils/text.py
@@ -27,7 +27,7 @@ capfirst = allow_lazy(capfirst, six.text_type)
# Set up regular expressions
re_words = re.compile(r'<.*?>|((?:\w[-\w]*|&.*?;)+)', re.U | re.S)
re_chars = re.compile(r'<.*?>|(.)', re.U | re.S)
-re_tag = re.compile(r'<(/)?([^ ]+?)(?:(\s*/)| .*?)?>', re.S)
+re_tag = re.compile(r'<(/)?(\S+?)(?:(\s*/)|\s.*?)?>', re.S)
re_newlines = re.compile(r'\r\n|\r') # Used in normalize_newlines
re_camel_case = re.compile(r'(((?<=[a-z])[A-Z])|([A-Z](?![A-Z]|$)))')
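Review bot: The new re_tag pattern carries no comment explaining why the tag-name group is `\S+?` rather than `[^ ]+?`, so a later cleanup could reintroduce the overlap between the tag-name group and the `\s*/` alternative that made the old pattern backtrack catastrophically on whitespace-heavy input. I would add, on the line above re_tag, `# Tag names must not match whitespace (\S, not [^ ]): if this group and the \s*/ branch can both consume tabs/newlines the regex backtracks catastrophically -- see CVE-2018-7537 and test_text.py.` The accompanying test only exercises a long run of tabs after `</a`; the same comment is what tells a reader that other whitespace characters are covered by the same change rather than by the test.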
diff --git a/tests/utils_tests/test_text.py b/tests/utils_tests/test_text.py
index 4015556..4ead468 100644
--- a/tests/utils_tests/test_text.py
+++ b/tests/utils_tests/test_text.py
@@ -96,6 +96,10 @@ class TestUtilsText(SimpleTestCase):
self.assertEqual('<p>I <3 python...</p>',
truncator.words(3, '...', html=True))
+ re_tag_catastrophic_test = ('</a' + '\t' * 50000) + '//>'
+ truncator = text.Truncator(re_tag_catastrophic_test)
+ self.assertEqual(re_tag_catastrophic_test, truncator.words(500, html=True))
+
def test_wrap(self):
digits = '1234 67 9'
self.assertEqual(text.wrap(digits, 100), '1234 67 9')