mirror of
https://github.com/pewdiepie-archdaemon/odysseus.git
synced 2026-07-02 01:22:07 -04:00
fix(security): prevent ReDoS in verdict-prose and continuation matchers (#4943)
Two py/polynomial-redos sinks ran regexes with two adjacent \s-matching
quantifiers over untrusted model text, backtracking O(n^2) when the tail failed
on a whitespace flood:
- routes/skills_routes.py: the last-resort verdict-from-prose extractor used
`["\'\s:]*\s*` — the class already matches \s, so the trailing \s* was a
redundant second quantifier. Dropped it (extracted to a documented module
constant _VERDICT_PROSE_RE); the matched text is identical, the scan linear.
- src/agent_loop.py _EXPLICIT_CONTINUATION_RE: `\s*[.!?]*\s*$` put two \s*
around `[.!?]*`. Rewrote as `\s*(?:[.!?]+\s*)?$` — same accepted tails (no
two \s* adjacent), linear. Portable form (no possessive quantifiers).
Both verified output-equivalent to the originals across a fuzz corpus. Adds
tests/test_redos_verdict_continuation.py pinning the unchanged match sets and
bounding the flood inputs (old patterns took seconds at 40k whitespace chars).
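To make the mechanism in the commit message concrete, the following is an added example (not code from the odysseus repository): it compiles the old and the rewritten tail of _EXPLICIT_CONTINUATION_RE behind a constructed subset of the real alternation prefix (the prefix list here is an assumption, trimmed from the one visible in src/agent_loop.py), times both on the "terse reply + whitespace flood + failing character" input the commit describes, and checks over a generated corpus that the two patterns accept exactly the same strings with the same match text.

```python
"""Added example, not code from the odysseus repository.

Reproduces the quadratic backtracking in the old tail of
_EXPLICIT_CONTINUATION_RE and checks that the rewritten tail accepts
exactly the same strings. The alternation prefix below is a constructed
subset (assumption) of the real one; the two tails are quoted from the commit.
"""
import itertools
import re
import time

# Constructed prefix (assumption): a few of the continuation phrases from the
# real pattern, enough to exercise the tail that the commit changes.
_PREFIX = (r"(?:run it|launch it|start it|use that|that one|same|the same|"
           r"first|second|third|[123]|[abc])")

# Old tail: a `\s*` sits on either side of `[.!?]*`, so a whitespace run can
# be split between them in O(n) ways, and every split is retried when `$`
# fails on a trailing non-whitespace character.
OLD_RE = re.compile(_PREFIX + r"\s*[.!?]*\s*$", re.IGNORECASE)
# New tail: the second `\s*` is reachable only after at least one punctuation
# character, so a whitespace run has exactly one parse and the scan is linear.
NEW_RE = re.compile(_PREFIX + r"\s*(?:[.!?]+\s*)?$", re.IGNORECASE)


def flood_input(n: int) -> str:
    """Constructed input: terse reply, n spaces, then a char that makes `$` fail."""
    return "same" + " " * n + "x"


def match_seconds(pattern: re.Pattern, text: str) -> float:
    """Wall-clock seconds for a single pattern.match() call."""
    start = time.perf_counter()
    pattern.match(text)
    return time.perf_counter() - start


def equivalence_corpus() -> list[str]:
    """Every prefix followed by every tail of up to 5 symbols drawn from
    whitespace, punctuation, newline and a non-matching letter (constructed)."""
    prefixes = ["same", "The same", "run it", "1", "b", "First", "nope"]
    symbols = [" ", "\t", ".", "!", "?", "\n", "x"]
    tails = [""] + ["".join(t) for k in range(1, 6)
                    for t in itertools.product(symbols, repeat=k)]
    return [p + t for p in prefixes for t in tails]


def find_divergence(corpus: list[str]):
    """Return the first string on which OLD_RE and NEW_RE disagree (accept/
    reject, or the text matched), or None when they agree on all of them."""
    for s in corpus:
        old, new = OLD_RE.match(s), NEW_RE.match(s)
        if (old is None) != (new is None):
            return s
        if old is not None and old.group(0) != new.group(0):
            return s
    return None


if __name__ == "__main__":
    n = 4000
    print(f"divergent input: {find_divergence(equivalence_corpus())!r}")
    print(f"old tail, {n} spaces then 'x': {match_seconds(OLD_RE, flood_input(n)):.3f}s")
    print(f"new tail, {n} spaces then 'x': {match_seconds(NEW_RE, flood_input(n)):.3f}s")
```

The equivalence holds by a small rewrite: `[.!?]*` is `(?:[.!?]+)?`, so `\s*[.!?]*\s*` is the union of `\s*\s*` and `\s*[.!?]+\s*`, and the first of those is just `\s*`. The timing difference is what the py/polynomial-redos finding is about: the old tail does roughly n²/2 retries on the flood input, the new one a single pass.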
+6
-1
@@ -845,7 +845,12 @@ _EXPLICIT_CONTINUATION_RE = re.compile(
r"run it|launch it|start it|use that|that one|same|the same|"
r"first|second|third|the first one|the second one|the third one|"
r"[123]|[abc]"
r")\s*[.!?]*\s*$",
# `\s*[.!?]*\s*$` put two \s-matching quantifiers around `[.!?]*`, which
# backtracks O(n^2) on a terse reply + whitespace flood (py/polynomial-redos).
# `\s*(?:[.!?]+\s*)?$` accepts the same "trailing space/punctuation" tails
# (the inner \s* only engages after `[.!?]+`, so no two \s* are adjacent) and
# is linear.
r")\s*(?:[.!?]+\s*)?$",
re.IGNORECASE,
)
_RETRY_CONTINUATION_RE = re.compile(
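Review bot: the hunk ends at the opening of `_RETRY_CONTINUATION_RE = re.compile(` without showing that pattern's tail, and the commit message says only _EXPLICIT_CONTINUATION_RE was changed in src/agent_loop.py; please confirm the sibling pattern does not end in the same `\s*[.!?]*\s*$` shape (or any other two adjacent \s-matching quantifiers), otherwise the same flood input still reaches a quadratic sink one definition below the fix. On the comment above `r")\s*(?:[.!?]+\s*)?$",`: the "accepts the same tails" claim deserves its one-line justification in the comment, namely that `[.!?]*` is `(?:[.!?]+)?`, so the old tail is `\s*\s*` or `\s*[.!?]+\s*` and the first collapses to `\s*`; and the new test should pin the rejecting case the commit describes (reply, whitespace flood, then a non-matching character) as well as the accepted tails, since that failing input is where the old pattern spent its time.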