Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.

Thanks to Guido Vranken for initial report.
author: Florian Apolloner <florian@apolloner.eu> 2019-07-15 11:46:09 +0200
committer: Carlton Gibson <carlton.gibson@noumenal.es> 2019-08-01 09:24:54 +0200
commit: 7f65974f8219729c047fbbf8cd5cc9d80faefe77 (patch)
tree: 75306bbf491c52e18bd2216403f9e8cccd9654c3 /django/utils/text.py
parent: eea0bf7bd58cda4618ecc10133f0ad09effe1a2e (diff)
download: django-7f65974f8219729c047fbbf8cd5cc9d80faefe77.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/django/utils/text.py b/django/utils/text.py
index e9b7dcc72b..c2576b012a 100644
--- a/django/utils/text.py
+++ b/django/utils/text.py
@@ -17,8 +17,8 @@ def capfirst(x):
 
 
 # Set up regular expressions
-re_words = re.compile(r'<.*?>|((?:\w[-\w]*|&.*?;)+)', re.S)
-re_chars = re.compile(r'<.*?>|(.)', re.S)
+re_words = re.compile(r'<[^>]+?>|([^<>\s]+)', re.S)
+re_chars = re.compile(r'<[^>]+?>|(.)', re.S)
 re_tag = re.compile(r'<(/)?(\S+?)(?:(\s*/)|\s.*?)?>', re.S)
 re_newlines = re.compile(r'\r\n|\r')  # Used in normalize_newlines
 re_camel_case = re.compile(r'(((?<=[a-z])[A-Z])|([A-Z](?![A-Z]|$)))')
author	Florian Apolloner <florian@apolloner.eu>	2019-07-15 11:46:09 +0200
committer	Carlton Gibson <carlton.gibson@noumenal.es>	2019-08-01 09:24:54 +0200
commit	7f65974f8219729c047fbbf8cd5cc9d80faefe77 (patch)
tree	75306bbf491c52e18bd2216403f9e8cccd9654c3 /django/utils/text.py
parent	eea0bf7bd58cda4618ecc10133f0ad09effe1a2e (diff)
download	django-7f65974f8219729c047fbbf8cd5cc9d80faefe77.tar.gz