lainns-mirror/noctalia-shell
1
0
Fork 0
mirror of https://github.com/noctalia-dev/noctalia-shell.git synced 2026-05-11 17:08:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2324 from cbxcvl/fix/renderer-redos

Browse Source 
fix(renderer): remove ambiguous \s* from _BLOCK_RE to prevent ReDoS
This commit is contained in:
Lysec
2026-03-31 02:52:40 +02:00
committed by GitHub
parent cc4cf9cc44 4ad7ffbbdf
commit 40c8b17620
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Scripts/python/src/theming/lib/renderer.py
+1 -1
View File
@@ -138,7 +138,7 @@ class TemplateRenderer:
COLOR_ARG_FILTERS = {"blend", "harmonize"}
# Regex for block delimiters: <* ... *>
_BLOCK_RE = re.compile(r'<\*\s*(.*?)\s*\*>', re.DOTALL)
_BLOCK_RE = re.compile(r'<\*(.*?)\*>', re.DOTALL)
# Regex for expression tags: {{ ... }}
_EXPR_RE = re.compile(r"\{\{([^}\n]+?)\}\}")