Delete test/backend-test/test-apicache-ReDos.js

remove the test file
Update server/modules/apicache/apicache.js
2025-02-26 13:35:56 +00:00 · 2025-01-22 22:55:50 +08:00 · 2025-01-22 22:55:09 +08:00
2 changed files with 1 additions and 27 deletions
--- a/server/modules/apicache/apicache.js
+++ b/server/modules/apicache/apicache.js
@ -485,7 +485,7 @@ function ApiCache() {
        }

        if (typeof duration === "string") {
-            let split = duration.match(/^([\d\.,]+)\s?((?:(?!\d)\w)+)$/);
+            let split = duration.match(/^([\d\.,]+)\s?([a-zA-Z]+)$/);

            if (split.length === 3) {
                let len = parseFloat(split[1]);
--- a/test/backend-test/test-apicache-ReDos.js
+++ b/test/backend-test/test-apicache-ReDos.js
@ -1,26 +0,0 @@
-const semver = require("semver");
-let test;
-const nodeVersion = process.versions.node;
-if (semver.satisfies(nodeVersion, ">= 18")) {
-    test = require("node:test");
-} else {
-    test = require("test");
-}
-const apicacheModule = require("../../server/modules/apicache/apicache.js");
-
-const assert = require("node:assert");
-
-test("Test ReDos - attack string", async (t) => {
-    const getDuration = apicacheModule.getDuration;
-    const str = "" + "00".repeat(100000) + "\u0000";
-    const startTime = performance.now();
-    try {
-        getDuration(str);
-    } catch (error) {
-    // pass
-    }
-    const endTime = performance.now();
-    const elapsedTime = endTime - startTime;
-    const reDosThreshold = 9000;
-    assert(elapsedTime <= reDosThreshold, `🚨 Potential ReDoS Attack! getDuration method took ${elapsedTime.toFixed(2)} ms, exceeding threshold of ${reDosThreshold} ms.`);
-});
Author	SHA1	Message	Date
DayShift	d11975ea8c	Delete test/backend-test/test-apicache-ReDos.js remove the test file	2025-01-22 22:55:50 +08:00
DayShift	6248ff1c5d	Update server/modules/apicache/apicache.js modified the regular term matching rule Co-authored-by: Frank Elsinga <frank@elsinga.de>	2025-01-22 22:55:09 +08:00