Ensure Polynomial regular expression is used on controlled data
sebr72 committed May 15, 2024
1 parent cb17ece commit 7474aa2
Showing 1 changed file with 12 additions and 3 deletions.
@@ -21,7 +21,9 @@
* @param <R> The return value
*/
abstract class HandleReportLoadResult<R> {
private static final Pattern VARIABLE_PATTERN = Pattern.compile("\\$\\{(\\S+)}");
private static final int FILENAME_MAX_LENGTH = 1000;
private static final Pattern VARIABLE_PATTERN =
Pattern.compile("\\$\\{(\\S{1," + FILENAME_MAX_LENGTH + "})}");
private static final Logger LOGGER = LoggerFactory.getLogger(HandleReportLoadResult.class);

/**
@@ -92,12 +94,12 @@ protected final void sendReportFile(
httpServletResponse.setContentType(metadata.getResult().getMimeType());
if (!inline) {
String fileName = metadata.getResult().getFileName();
Matcher matcher = VARIABLE_PATTERN.matcher(fileName);
Matcher matcher = getFileNameMatcher(fileName);
while (matcher.find()) {
final String variable = matcher.group(1);
String replacement = findReplacement(variable, metadata.getCompletionDate());
fileName = fileName.replace("${" + variable + "}", replacement);
matcher = VARIABLE_PATTERN.matcher(fileName);
matcher = getFileNameMatcher(fileName);
}

fileName += "." + metadata.getResult().getFileExtension();
@@ -108,6 +110,13 @@ protected final void sendReportFile(
}
}

private static Matcher getFileNameMatcher(final String fileName) {
if (fileName.length() > FILENAME_MAX_LENGTH) {
throw new IllegalArgumentException("File name is too long");
}
return VARIABLE_PATTERN.matcher(fileName);
}

/**
* Update a variable name with a date if the variable is detected as being a date.
*
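Review bot: In the `sendReportFile` loop, `getFileNameMatcher(fileName)` runs again after every `fileName.replace(...)`, so the `FILENAME_MAX_LENGTH` check applies to the expanded name as well as the stored one, and a name that passed on entry can still throw `IllegalArgumentException` once a replacement lengthens it. The exception is raised after `setContentType` has already been called on the response, and the hunk does not show how callers handle it; `sendReportFile` starts outside the hunk, so this needs confirming. Consider checking the length once before the loop (ideally where the file name is first accepted) and documenting the helper, e.g. `/** Rejects names longer than FILENAME_MAX_LENGTH so VARIABLE_PATTERN only scans bounded input. */`. The bounded `\S{1,1000}` still lets `\S` match `$`, `{` and `}`, so the worst case is capped by the length limit rather than removed; a character class that excludes those delimiters would likely avoid most of the backtracking, provided variable names never contain them.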
