fix(renderer): remove ambiguous \s* from _parse_if regex to prevent ReDoS

The pattern \s*(.+?)\s* in _parse_if allowed polynomial backtracking when no closing }} was found — confirmed to hang at n=5000 whitespace chars. The \s* wrappers were redundant since group(1) is already stripped at the call site. Reported and patched with @pa1va. Closes #2326
2026-05-11 17:08:27 +08:00 · 2026-03-27 13:53:54 -03:00
parent f19a19cfc6
commit 6e71050593
1 changed files with 1 additions and 1 deletions
@@ -359,7 +359,7 @@ class TemplateRenderer:
            condition_part = condition_part[4:].strip()

        # Extract expression from {{ ... }} if present
-        expr_match = re.match(r'\{\{\s*(.+?)\s*\}\}', condition_part)
+        expr_match = re.match(r'\{\{(.+?)\}\}', condition_part)
        if expr_match:
            condition_expr = expr_match.group(1).strip()
        else: