Skip to content

Commit

Permalink
Use more specific regex chars to prevent ReDoS
Browse files Browse the repository at this point in the history
  • Loading branch information
hugovk authored and radarhere committed Mar 1, 2021
1 parent 8b8076b commit 521dab9
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/PIL/PdfParser.py
Original file line number Diff line number Diff line change
Expand Up @@ -580,8 +580,9 @@ def next_object_id(self, offset=None):
whitespace_or_hex = br"[\000\011\012\014\015\0400-9a-fA-F]"
whitespace_optional = whitespace + b"*"
whitespace_mandatory = whitespace + b"+"
whitespace_optional_no_nl = br"[\000\011\014\015\040]*" # no "\012" aka "\n"
newline_only = br"[\r\n]+"
newline = whitespace_optional + newline_only + whitespace_optional
newline = whitespace_optional_no_nl + newline_only + whitespace_optional_no_nl
re_trailer_end = re.compile(
whitespace_mandatory
+ br"trailer"
Expand Down

0 comments on commit 521dab9

Please sign in to comment.