Adding the modified 500ms timeout functionality

mitulbipin · Aug 21, 2024 · 9db1dd2 · 9db1dd2
1 parent 4c03a41
commit 9db1dd2
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 2 deletions.
diff --git a/cve-2017-16100.js b/cve-2017-16100.js
@@ -48,7 +48,7 @@ router_cve_2017_16100.post('/index',(req, res) => {
     if (result) {
         res.send('CVE-2017-16100: Regex matched successfully');
     } else {
-        res.status(400).send('CVE-2017-16100: Regex did not match');
+        res.send('CVE-2017-16100: Regex did not match');
     }
 });
 
@@ -96,6 +96,20 @@ router_cve_2017_16100.post('/timeout', (req, res) => {
     }
 });
 
+const timeoutModified = functionTimeout(regexMatch, {timeout:500}); 
+
+router_cve_2017_16100.post('/modified_timeout', (req, res) => {
+    const input = req.body.input;
+    try {
+        const result = timeoutModified(input);
+        console.log('Result:', result);
+        res.send({ result });
+    } catch (error) {
+        console.error('Error:', error.message);
+        res.status(500).send({ error: 'Regex operation timed out or failed' });
+    }
+});
+
 router_cve_2017_16100.post('/repair', (req, res) => {
     const input = req.body.input;
     const regex = /^(?:(?:(((?:[ d]|[ghtw](?:(?:[ .eglw])*)[cdhmopu]))[ilow]))*)((?:[^ b-eghtw]|[bc](?:(?:[ .cdinp])*)[^ .cdimnp]))$/; 

diff --git a/cve-2021-23346.js b/cve-2021-23346.js
@@ -71,6 +71,22 @@ router_cve_2021_23346.post('/timeout', (req, res) => {
   }
 });
 
+const timeoutModified = functionTimeout(regexMatch, {timeout:500}); 
+
+// ######################################## Functional 
+router_cve_2021_23346.post('/modified_timeout', (req, res) => {
+  const input = req.body.input;
+  try {
+      const result = timeoutModified(input);
+      console.log('Result:', result);
+      res.send({ result });
+  } catch (error) {
+      console.error('Error:', error.message);
+      res.status(500).send({ error: 'Regex operation timed out or failed' });
+  }
+});
+
+
 // ######################################## Functional 
 router_cve_2021_23346.post('/repair', (req, res) => {
   // Generated a vulnerable regular expression. Payload : let repeatedString = '<a !'.repeat(27387);

diff --git a/node_modules/schema-inspector/lib/schema-inspector.js b/node_modules/schema-inspector/lib/schema-inspector.js