8000 bpo-46474: Avoid REDoS in EntryPoint.pattern (sync with importlib_met… · python/cpython@51c3e28 · GitHub
[go: up one dir, main page]
Skip to content

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 51c3e28

Browse files
jaracojaraco
authored
bpo-46474: Avoid REDoS in EntryPoint.pattern (sync with importlib_metadata 4.10.1) (GH-30803)
1 parent b0898f4 commit 51c3e28

File tree

2 files changed

+4
-2
lines changed

2 files changed

+4
-2
lines changed

Lib/importlib/metadata/__init__.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -156,8 +156,8 @@ class EntryPoint(DeprecatedTuple):
156156

157157
pattern = re.compile(
158158
r'(?P<module>[\w.]+)\s*'
159-
r'(:\s*(?P<attr>[\w.]+))?\s*'
160-
r'(?P<extras>\[.*\])?\s*$'
159+
r'(:\s*(?P<attr>[\w.]+)\s*)?'
160+
r'((?P<extras>\[.*\])\s*)?$'
161161
)
162162
"""
163163
A regular expression describing the syntax for an entry point,

Misc/NEWS.d/next/Library/2022-01-22-14-49-10.bpo-46474.eKQhvx.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
In ``importlib.metadata.EntryPoint.pattern``, avoid potential REDoS by
2+
limiting ambiguity in consecutive whitespace.

0 commit comments

Comments
 (0)
0