From 10a358930d17e573a15cb22cf5acca00b2ab0ae2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Tue, 13 Jul 2021 13:07:36 +0200 Subject: [PATCH] Prevent backtracking regexp in MessagesController --- app/controllers/messages_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb index c7c5e5930845..f980090e47af 100644 --- a/app/controllers/messages_controller.rb +++ b/app/controllers/messages_controller.rb @@ -144,7 +144,7 @@ def quote subject = @message.subject.gsub('"', '\"') subject = "RE: #{subject}" unless subject.starts_with?('RE:') content = "#{ll(Setting.default_language, :text_user_wrote, user)}\n> " - content << text.to_s.strip.gsub(%r{
((.|\s)*?)
}m, '[...]').gsub('"', '\"').gsub(/(\r?\n|\r\n?)/, "\n> ") + "\n\n" + content << text.to_s.strip.gsub(%r{
(.+?)
}m, '[...]').gsub('"', '\"').gsub(/(\r?\n|\r\n?)/, "\n> ") + "\n\n" respond_to do |format| format.json { render json: { subject: subject, content: content } }