From 51fe2e6521c9c02b421b383943dc9e4bbbe65d4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gon=C3=A7alo=20Cabrita?= <_@gmcabrita.com>
Date: Fri, 25 Nov 2022 19:14:26 +0000
Subject: [PATCH] Prevent Regex Denial of Service in Sisimai::String.to_plain
---
lib/sisimai/string.rb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/sisimai/string.rb b/lib/sisimai/string.rb
index 107db0ff..d3d993ac 100644
--- a/lib/sisimai/string.rb
+++ b/lib/sisimai/string.rb
@@ -66,8 +66,8 @@ def to_plain(argv1 = '', loose = false)
# 3. ... to " http://... "
# 4. ... to " Value "
plain.scrub!('?')
- plain.gsub!(%r|.+|im, '')
- plain.gsub!(%r|.+|im, '')
+ plain.gsub!(%r|.*?|im, '')
+ plain.gsub!(%r|.*?|im, '')
plain.gsub!(%r|(.*?)|i, '[\2](\1)')
plain.gsub!(%r|(.*?)|i, '[\2](mailto:\1)')