Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
openSUSE:Factory
regexploit
regexploit.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File regexploit.spec of Package regexploit
# # spec file for package regexploit # # Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: regexploit Version: 1.0.0 Release: 0 Summary: Find regular expressions vulnerable to ReDoS License: Apache-2.0 URL: https://github.com/doyensec/regexploit Source: https://files.pythonhosted.org/packages/source/r/regexploit/regexploit-%{version}.tar.gz BuildRequires: fdupes BuildRequires: python-rpm-macros BuildRequires: python3-setuptools Requires: python3-base >= 3.8 Suggests: node > 12 BuildArch: noarch %description Many default regular expression parsers have unbounded worst-case complexity. Regex matching may be quick when presented with a matching input string. However, certain non-matching input strings can make the regular expression matcher go into crazy backtracking loops and take ages to process. This can cause denial of service, as the CPU will be stuck trying to match the regex. This tool is designed to: * find regular expressions which are vulnerable to ReDoS * give an example malicious string which will cause catastrophic backtracking Supports: - C# - JavaScript/TypeScript (requires node to be installed) - JSON - Python - YAML %prep %setup -q -n regexploit-%{version} # delete env-shebangs, not needed sed -i '1{/\/usr\/bin\/env python/d;}' regexploit/bin/*.* sed -i '1s/env //' regexploit/bin/javascript/index.js sed -i '1s/env python/python3/' regexploit/bin/regexploit-python-env %build %python3_build %install %python3_install %fdupes %{buildroot}%{python3_sitelib} %files %{python3_sitelib}/* %{_bindir}/regexploit* %license LICENSE %doc README.md %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor