Fixed catastrophic backtracking in URLValidator.

Thanks João Silva for reporting the problem and Tim Graham for finding the problematic RE and for review. This is a security fix; disclosure to follow shortly.
2025-11-07 07:15:35 +00:00 · 2015-06-30 01:09:21 +03:00
parent 014247ad19
commit 17d3a6d804
5 changed files with 14 additions and 1 deletions
--- a/tests/validators/valid_urls.txt
+++ b/tests/validators/valid_urls.txt
@@ -7,6 +7,7 @@ http://www.example.com/
 http://www.example.com:8000/test
 http://valid-with-hyphens.com/
 http://subdomain.example.com/
+http://a.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 http://200.8.9.10/
 http://200.8.9.10:8000/test
 http://su--b.valid-----hyphens.com/