Tree - rpms/python-mpmath - src.fedoraproject.org

rpms / python-mpmath

Overview Files Commits Branches Forks Releases

Monitoring status:

Bugzilla Assignee:

Fedora:: jussilehtola
EPEL:: jussilehtola

Files

Commit: f721addb2983f73d6dee30a73c5306d1212d57d4

Blob Blame History Raw

From c811b37c65a4372a7ce613111d2a508c204f9833 Mon Sep 17 00:00:00 2001
From: Vinzent Steinberg <Vinzent.Steinberg@gmail.com>
Date: Wed, 10 Feb 2021 16:45:04 +0100
Subject: [PATCH 1/2] Fix ReDOS vulnerability

Fixes #548, with the workaround suggested by @yetingli.
---
 mpmath/ctx_mp.py             |  4 ++--
 mpmath/tests/test_convert.py | 10 ++++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/mpmath/ctx_mp.py b/mpmath/ctx_mp.py
index 39fc9411..93594dd4 100644
--- a/mpmath/ctx_mp.py
+++ b/mpmath/ctx_mp.py
@@ -42,8 +42,8 @@
 
 new = object.__new__
 
-get_complex = re.compile(r'^\(?(?P<re>[\+\-]?\d*\.?\d*(e[\+\-]?\d+)?)??'
-                         r'(?P<im>[\+\-]?\d*\.?\d*(e[\+\-]?\d+)?j)?\)?$')
+get_complex = re.compile(r'^\(?(?P<re>[\+\-]?\d*(\.\d*)?(e[\+\-]?\d+)?)??'
+                         r'(?P<im>[\+\-]?\d*(\.\d*)?(e[\+\-]?\d+)?j)?\)?$')
 
 if BACKEND == 'sage':
     from sage.libs.mpmath.ext_main import Context as BaseMPContext

rpms / python-mpmath

Source Code

Files