github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 01:13:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Search][ES3] Fix polynomial regex (#202508)

Browse source 
## Summary

The expression here violates [polynomial regular expression used on
uncontrolled
data](https://codeql.github.com/codeql-query-help/javascript/js-polynomial-redos/)

This PR replaces the problem regex with one that is not ambiguous about
when to start matching `-` sequences. This is done through using a
negative look-behind.
This commit is contained in:
Navarone Feekery 2024-12-02 17:59:37 +01:00 committed by GitHub
parent 30ceb1a053
commit 686e356d96
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
packages/kbn-search-connectors/utils/to_alphanumeric.ts
View file

@ -11,5 +11,5 @@ export const toAlphanumeric = (input: string) =>
input
.trim()
.replace(/[^a-zA-Z0-9]+/g, '-') // Replace all special/non-alphanumerical characters with dashes
.replace(/^[-]+|[-]+$/g, '') // Strip all leading and trailing dashes
.replace(/(^-+|(?<!-)-+$)/g, '') // Strip all leading and trailing dashes
.toLowerCase();