authorMarcel Hellkamp <marc@gsites.de>2020-01-03 19:49:09 +0100
committerMarcel Hellkamp <marc@gsites.de>2020-01-03 19:53:48 +0100
commitc84c57f6eaf329266d72fddfa524fb9b360d67ae (patch)
tree42ecd81aec34a72cdb251e1be777c3bde0cdd933
parent8561ffbc2ed2b16b4f7f90520d148e37e251d107 (diff)
Fix catastrophic backtracking issue in header parsing regular expression.
The affected pattern is only used from a single non-public function, which in turn is not actually used anywhere. It's in dead code. No security issue.
-rwxr-xr-xbottle.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/bottle.py b/bottle.py
index c52c20d..130c55d 100755
--- a/bottle.py
+++ b/bottle.py
@@ -3017,7 +3017,7 @@ def parse_range_header(header, maxlen=0):
#: Header tokenizer used by _parse_http_header()
-_hsplit = re.compile('(?:(?:"((?:[^"\\\\]+|\\\\.)*)")|([^;,=]+))([;,=]?)').findall
+_hsplit = re.compile('(?:(?:"((?:[^"\\\\]|\\\\.)*)")|([^;,=]+))([;,=]?)').findall
def _parse_http_header(h):
""" Parses a typical multi-valued and parametrised HTTP header (e.g. Accept headers) and returns a list of values
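Review bot: The rewritten `_hsplit` line has no comment or regression test recording why the inner group must consume exactly one character per iteration, so a later cleanup could put the `+` back and restore the nested quantifier. I would extend the comment above it with `#: NOTE: inside quotes each iteration matches one char ([^"\\] or an escape pair); adding '+' nests quantifiers and backtracks exponentially on an unterminated quote.` The commit touches only bottle.py, so a small test that calls `_parse_http_header` on a header value with an opening quote that is never closed, and asserts it returns promptly, would pin the fix. The description says the function is currently unused; if it is ever applied to request headers, the pattern sees untrusted input, which is when that test matters. The body of `_parse_http_header` continues outside the hunk, so I have not reviewed how the tokens are consumed.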