Description
I've identified a potential Regular Expression Denial of Service (ReDoS) issue in the `duration_pat` pattern at line 1333 of `celtypes.py`.
Affected Code
```python
import re

# celtypes.py, line 1333
duration_pat = re.compile(r"^[-+]?([0-9]*(\.[0-9]*)?[a-z]+)+$")
```
Steps to Reproduce
Root Cause
The regex contains nested quantifiers that cause catastrophic backtracking:
- `[0-9]*` - zero or more digits (can match empty string)
- `(\.[0-9]*)?` - optional group (can also match empty)
- `[a-z]+` - one or more letters
- Outer `+` quantifier wrapping `([0-9]*(\.[0-9]*)?[a-z]+)`
When matching a string of lowercase letters followed by a non-matching character (e.g., !), the regex engine explores an exponential number of backtracking paths, attempting to split the input across these overlapping patterns.
Potential Impact
- Service Availability: Crafted inputs could potentially hang the application, leading to service disruption
- Performance Degradation: Invalid inputs may cause significant slowdowns
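Added example (not code from the project or from the reporter) showing why the root cause above blows up and one way to verify a fix: the pattern as quoted, beside a candidate linear-time rewrite that is an assumption of this example rather than the project's fix, plus an equivalence check on constructed inputs and a timing probe.

```python
import re
import time

# The pattern quoted in the report. Because [0-9]* and (\.[0-9]*)? may both be
# empty, a run of n letters can be split between iterations of the outer "+" in
# 2^(n-1) ways, and a trailing non-matching character forces all of them to be tried.
VULNERABLE_PAT = re.compile(r"^[-+]?([0-9]*(\.[0-9]*)?[a-z]+)+$")

# Candidate linear-time rewrite (an assumption of this example, not the project's
# fix). Every token after the first must start with a digit or a dot, so each
# input has exactly one possible tokenisation and no backtracking blow-up.
SAFE_PAT = re.compile(
    r"^[-+]?"
    r"(?:[0-9]+(?:\.[0-9]*)?|\.[0-9]*)?[a-z]+"       # first token: numeric part optional
    r"(?:(?:[0-9]+(?:\.[0-9]*)?|\.[0-9]*)[a-z]+)*$"  # later tokens: numeric part required
)


def matches_vulnerable(s: str) -> bool:
    return VULNERABLE_PAT.match(s) is not None


def matches_safe(s: str) -> bool:
    return SAFE_PAT.match(s) is not None


# Constructed inputs, kept short so the vulnerable pattern also terminates quickly.
SAMPLES = ["1h30m", "-1.5s", "+.5ms", "h", "h5m", "1.h", "1h.m",
           "1h..m", "1..5s", "1.5.5s", "", "1", "a1", "1h!", "ab!", "1 h"]


def same_results(samples=SAMPLES) -> bool:
    """True when both patterns accept and reject exactly the same inputs."""
    return all(matches_vulnerable(s) == matches_safe(s) for s in samples)


def match_seconds(pattern: re.Pattern, s: str) -> float:
    """Wall-clock time for one match attempt."""
    start = time.perf_counter()
    pattern.match(s)
    return time.perf_counter() - start


if __name__ == "__main__":
    print("same results on samples:", same_results())
    # Each extra letter roughly doubles the original pattern's time; the rewrite
    # stays flat. n is kept small because the original pattern is exponential.
    for n in (14, 16, 18):
        probe = "a" * n + "!"
        print(f"n={n}: original {match_seconds(VULNERABLE_PAT, probe):.3f}s, "
              f"rewrite {match_seconds(SAFE_PAT, probe):.6f}s")
```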