Andreas/markdownlint
1
0
Fork 0
mirror of https://github.com/DavidAnson/markdownlint.git synced 2025-09-22 05:40:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Update helpers.inlineCommentRe to fix an instance of "Polynomial regular expression used on uncontrolled data".

Browse source
This commit is contained in:
David Anson 2022-02-12 17:46:46 -08:00
parent 1c89dd5776
commit f46ee0732f
3 changed files with 32 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

12
helpers/helpers.js
View file

@ -12,11 +12,11 @@ module.exports.frontMatterRe =
// eslint-disable-next-line max-len
/((^---\s*$[^]*?^---\s*$)|(^\+\+\+\s*$[^]*?^(\+\+\+|\.\.\.)\s*$)|(^\{\s*$[^]*?^\}\s*$))(\r\n|\r|\n|$)/m;
// Regular expression for matching inline disable/enable comments
const inlineCommentRe =
// Regular expression for matching the start of inline disable/enable comments
const inlineCommentStartRe =
// eslint-disable-next-line max-len
/<!--\s*markdownlint-(?:(?:(disable|enable|capture|restore|disable-file|enable-file|disable-next-line)((?:\s+[a-z0-9_-]+)*))|(?:(configure-file)\s+([\s\S]*?)))\s*-->/ig;
module.exports.inlineCommentRe = inlineCommentRe;
/(<!--\s*markdownlint-(disable|enable|capture|restore|disable-file|enable-file|disable-next-line|configure-file))(?:\s|-->)/ig;
module.exports.inlineCommentStartRe = inlineCommentStartRe;
// Regular expressions for range matching
module.exports.bareUrlRe = /(?:http|ftp)s?:\/\/[^\s\]"']*(?:\/|[^\s\]"'\W])/ig;
@ -163,9 +163,9 @@ module.exports.clearHtmlCommentText = function clearHtmlCommentText(text) {
if (isValid) {
const inlineCommentIndex = text
.slice(i, j + htmlCommentEnd.length)
.search(inlineCommentRe);
.search(inlineCommentStartRe);
// If not a markdownlint inline directive...
if (inlineCommentIndex === -1) {
if (inlineCommentIndex !== 0) {
text =
text.slice(0, i + htmlCommentBegin.length) +
content.replace(/[^\r\n]/g, ".") +