Fix #342 - Enforce all regexes to comply with safe-regex as a safeguard against possible ReDoS vulnerability

2025-09-27 07:58:45 +03:00 · 2021-03-26 19:39:00 +07:00 · 2021-03-26 19:39:00 +07:00 · 2cfd792d24
commit 2cfd792d24
parent b406b5df2c
2 changed files with 29 additions and 1 deletions
--- a/package.json
+++ b/package.json
@ -120,6 +120,7 @@
    "jshint": "~2.12.0",
    "mocha": "~8.2.0",
    "requirejs": "^2.3.2",
+    "safe-regex": "^2.1.1",
    "uglify-js": "~3.12.0",
    "verup": "^1.3.x"
  },
--- a/test/test.js
+++ b/test/test.js
@ -1,3 +1,5 @@
+var fs          = require('fs');
+var safe        = require('safe-regex');
 var assert      = require('assert');
 var requirejs   = require('requirejs');
 var UAParser    = require('./../src/ua-parser');
@ -121,4 +123,29 @@ describe('Using Require.js', function () {
            done();
        });
    });
-});
+});
+
+describe('Testing regexes', function () {
+
+    var regexes;
+
+    // todo: use AST-based instead of grep
+    before('Read main js file', function (done) {
+        fs.readFile('src/ua-parser.js', 'utf8', function (err, data) {
+            regexes = data.match(/(\/.+\/[ig]+)(?=[,\s\n])/g);
+            done();
+        });
+    });
+
+    describe('Begin testing', function () {
+        it('all regexes in main file', function () {
+            regexes.forEach(function (regex) {
+                describe('Test against `safe-regex` : ' + regex, function () {
+                    it('should be safe from potentially vulnerable regex', function () {
+                        assert.strictEqual(safe(regex), true);
+                    });
+                });
+            });
+        });
+    });
+})