Skip to content

Commit

Permalink
Fixed multiple cases of vulnerable regexes (#2584)
Browse files Browse the repository at this point in the history
  • Loading branch information
RunDevelopment authored Oct 25, 2020
1 parent 6913204 commit c2f6a64
Show file tree
Hide file tree
Showing 56 changed files with 70 additions and 70 deletions.
6 changes: 3 additions & 3 deletions components/prism-asciidoc.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
(function (Prism) {

var attributes = {
pattern: /(^[ \t]*)\[(?!\[)(?:(["'$`])(?:(?!\2)[^\\]|\\.)*\2|\[(?:[^\]\\]|\\.)*\]|[^\]\\]|\\.)*\]/m,
pattern: /(^[ \t]*)\[(?!\[)(?:(["'$`])(?:(?!\2)[^\\]|\\.)*\2|\[(?:[^\[\]\\]|\\.)*\]|[^\[\]\\"'$`]|\\.)*\]/m,
lookbehind: true,
inside: {
'quoted': {
Expand Down Expand Up @@ -32,7 +32,7 @@
alias: 'comment'
},
'table': {
pattern: /^\|={3,}(?:(?:\r?\n|\r).*)*?(?:\r?\n|\r)\|={3,}$/m,
pattern: /^\|={3,}(?:(?:\r?\n|\r(?!\n)).*)*?(?:\r?\n|\r)\|={3,}$/m,
inside: {
'specifiers': {
pattern: /(?!\|)(?:(?:(?:\d+(?:\.\d+)?|\.\d+)[+*])?(?:[<^>](?:\.[<^>])?|\.[<^>])?[a-z]*)(?=\|)/,
Expand Down Expand Up @@ -124,7 +124,7 @@
}
],
'macro': {
pattern: /\b[a-z\d][a-z\d-]*::?(?:(?:\S+)??\[(?:[^\]\\"]|(["'])(?:(?!\1)[^\\]|\\.)*\1|\\.)*\])/,
pattern: /\b[a-z\d][a-z\d-]*::?(?:(?:\S+)??\[(?:[^\]\\"']|(["'])(?:(?!\1)[^\\]|\\.)*\1|\\.)*\])/,
inside: {
'function': /^[a-z\d-]+(?=:)/,
'punctuation': /^::?/,
Expand Down
2 changes: 1 addition & 1 deletion components/prism-asciidoc.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion components/prism-bash.js
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@
},
// “Normal” string
{
pattern: /(^|[^\\](?:\\\\)*)(["'])(?:\\[\s\S]|\$\([^)]+\)|`[^`]+`|(?!\2)[^\\])*\2/,
pattern: /(^|[^\\](?:\\\\)*)(["'])(?:\\[\s\S]|\$\([^)]+\)|\$(?!\()|`[^`]+`|(?!\2)[^\\`$])*\2/,
lookbehind: true,
greedy: true,
inside: insideString
Expand Down
Loading

0 comments on commit c2f6a64

Please sign in to comment.