From 19ca7c7e8eb238b6e6fe77c14320ac61b9beba2a Mon Sep 17 00:00:00 2001 From: Somdev Sangwan Date: Wed, 8 Feb 2023 16:37:44 +0530 Subject: [PATCH] redos vuln patch (issue #5310) --- lib/core/common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/core/common.py b/lib/core/common.py index a691edc2a..745ae68c6 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1822,7 +1822,7 @@ def expandAsteriskForColumns(expression): the SQL query string (expression) """ - match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+(([`'\"][^`'\"]+[`'\"]|[\w.]+)+)(\s|\Z)", expression) + match = re.search(r"(?i)\ASELECT(\s+TOP\s+[\d]+)?\s+\*\s+FROM\s+(([`'\"][^`'\"]+[`'\"])+|[\w.]+)(\s|\Z)", expression) if match: infoMsg = "you did not provide the fields in your query. "