BugFix:Regular Expression in parseDuration Function #5554

Closed
wants to merge 5 commits into from

ShiyuBanzhou

⚠️⚠️⚠️ Since we do not accept all types of pull requests and do not want to waste your time, please be sure that you have read the pull request rules:
https://github.com/louislam/uptime-kuma/blob/master/CONTRIBUTING.md#can-i-create-a-pull-request-for-uptime-kuma

Tick the checkbox if you understand [x]:

  • I have read and understand the pull request rules.

Description

Fixes #(5553)

Original Issue Summary:
A Regular Expression Denial of Service (ReDoS) vulnerability existed in the parseDuration function due to an inefficient regular expression:

let split = duration.match(/^([\d\.,]+)\s?(\w+)$/);

This vulnerability allowed an attacker to exploit catastrophic backtracking by providing specially crafted input, potentially leading to excessive CPU consumption and service unavailability.
The vulnerability was identified in the @uptime-kuma/server/modules/apicache/apicache.js file. The issue is discussed in the corresponding gist link: ReDos in @uptime-kuma/server/modules/apicache/apicache.js.
Solution:
The issue was resolved by updating the regular expression to:

let split = duration.match(/^([\d\.,]+)(?!\1)\s?((?:(?!\d)\w)+)$/);

This new regular expression eliminates the possibility of catastrophic backtracking and resolves the ReDoS vulnerability. The fix has been successfully tested and confirmed not to affect the existing project structure. The test file can be found at: test/backend-test/test-apicache-ReDos.js.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • My code follows the style guidelines of this project
  • I ran ESLint and other linters for modified files
  • I have performed a self-review of my own code and tested it
  • I have commented my code, particularly in hard-to-understand areas (including JSDoc for methods)
  • My changes generate no new warnings
  • My code needed automated testing. I have added them (this is an optional task)

Screenshots (if any)

  1. Original regular expression search causes ReDoS vulnerability test proof (image: redos)
  2. Proof that the modified code does not affect the project structure (image: test)
  3. Proof that the modified code does not cause ReDoS vulnerability (image: noredos)
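
Added example, not part of the pull request or the uptime-kuma code base: it runs the two patterns quoted in the description over constructed duration strings and reports where they disagree, which shows that in the original pattern a digit can land in either capture group. `splitDuration`, `disagreements`, the sample strings and the 32-character length cap are assumptions made for this example.

```javascript
// Added example: the two patterns are copied from the PR description above.
const ORIGINAL = /^([\d\.,]+)\s?(\w+)$/;
const PATCHED = /^([\d\.,]+)(?!\1)\s?((?:(?!\d)\w)+)$/;

// Assumption: a cap picked for this example; real duration strings are short.
const MAX_DURATION_LENGTH = 32;

// Hypothetical helper: split "<amount><optional space><unit>" with a given pattern.
// Rejecting over-long input first bounds the work any pattern can do.
function splitDuration(pattern, input) {
    if (typeof input !== "string" || input.length > MAX_DURATION_LENGTH) {
        return null;
    }
    const m = input.match(pattern);
    return m ? { amount: m[1], unit: m[2] } : null;
}

// Constructed sample inputs (not taken from the PR or its test file).
const SAMPLES = ["5 minutes", "1.5 hours", "10ms", "2,5 days", "100", "1 h2", "abc", ""];

// Return the inputs on which the two patterns give different results.
function disagreements(samples) {
    return samples.filter((s) =>
        JSON.stringify(splitDuration(ORIGINAL, s)) !== JSON.stringify(splitDuration(PATCHED, s))
    );
}

for (const s of SAMPLES) {
    console.log(JSON.stringify(s), splitDuration(ORIGINAL, s), splitDuration(PATCHED, s));
}
// "100": ORIGINAL splits it as amount "10" + unit "0", because \w also matches digits,
// so the same digit run can be divided between the two groups in many ways.
// PATCHED keeps digits out of the unit group, so "100" and "1 h2" no longer match.
console.log("patterns disagree on:", disagreements(SAMPLES));
```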
