Avoiding ReDoS attacks used in user-facing, regex-related REST endpoints. (7.1)#26535

Merged
dennisoelkers merged 1 commit into 7.1 from backport-7.1/fix/preventing_redos_attacks on Jul 2, 2026

Conversation

@graylog-internal-actions-access


Note: This is a backport of #26483 to 7.1.

Description

SafePattern class for avoiding ReDoS attacks used in user-facing, regex-related REST endpoints.

Motivation and Context

Protect against those types of attacks from malicious users.

How Has This Been Tested?

Manually and with new unit tests.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Refactoring (non-breaking change)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have requested a documentation update.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.

…nts. (#26483)

* SafePattern class for avoiding ReDoS attacks used in user-facing, regex-related REST endpoints.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Changelog added

* An attempt to replace System.currentTimeMillis() with Clock.

* Removing length limits for input and regexp

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
(cherry picked from commit 5a8de34)
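The PR body and commit message describe a SafePattern class that guards user-facing regex endpoints against ReDoS and that was reworked to take a Clock instead of calling System.currentTimeMillis(), but the diff itself is not shown on this page. The block below is an added illustration of that general technique and is not Graylog's SafePattern: a CharSequence wrapper checks an injectable java.time.Clock on every charAt() call and aborts the match once a deadline passes, which bounds evaluation time without capping input or pattern length. The class names, the 200 ms budget and the sample patterns are assumptions; String.repeat needs Java 11 or newer.

```java
import java.time.Clock;
import java.time.Duration;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
// Hypothetical time-bounded matching helper (not Graylog's SafePattern).
// java.util.regex reads its input only through CharSequence, so a wrapper that
// consults an injectable Clock on each charAt() can abort a backtracking blow-up.
public final class TimeBoundedRegex {
    /** Raised when a match exceeds its time budget. */
    public static final class RegexTimeoutException extends RuntimeException {
        RegexTimeoutException(String msg) { super(msg); }
    }
    /** CharSequence view that checks the deadline on every character access. */
    private static final class DeadlineCharSequence implements CharSequence {
        private final CharSequence inner;
        private final Clock clock;
        private final long deadlineMillis;
        DeadlineCharSequence(CharSequence inner, Clock clock, long deadlineMillis) {
            this.inner = inner; this.clock = clock; this.deadlineMillis = deadlineMillis;
        }
        @Override public int length() { return inner.length(); }
        @Override public char charAt(int index) {
            if (clock.millis() > deadlineMillis) {
                throw new RegexTimeoutException("regex evaluation exceeded time budget");
            }
            return inner.charAt(index);
        }
        @Override public CharSequence subSequence(int start, int end) {
            return new DeadlineCharSequence(inner.subSequence(start, end), clock, deadlineMillis);
        }
        @Override public String toString() { return inner.toString(); }
    }
    /** True if pattern is found in input; throws RegexTimeoutException once budget is spent. */
    public static boolean find(Pattern pattern, CharSequence input, Clock clock, Duration budget) {
        long deadline = clock.millis() + budget.toMillis();
        Matcher m = pattern.matcher(new DeadlineCharSequence(input, clock, deadline));
        return m.find();
    }
    public static void main(String[] args) {
        // Constructed sample: the nested quantifier backtracks exponentially on a
        // near-miss input, while the unambiguous pattern finishes at once.
        String input = "a".repeat(40) + "!";
        try {
            find(Pattern.compile("^(a+)+$"), input, Clock.systemUTC(), Duration.ofMillis(200));
        } catch (RegexTimeoutException e) {
            System.out.println("aborted: " + e.getMessage());
        }
        System.out.println(find(Pattern.compile("^a+$"), input, Clock.systemUTC(), Duration.ofMillis(200)));
    }
}
```

Passing the Clock in rather than reading system time inside the helper is what makes the deadline logic unit-testable with a fixed or stepping clock, which is the point of the commit "An attempt to replace System.currentTimeMillis() with Clock".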
@dennisoelkers dennisoelkers merged commit 04acece into 7.1 Jul 2, 2026
25 checks passed
@dennisoelkers dennisoelkers deleted the backport-7.1/fix/preventing_redos_attacks branch July 2, 2026 08:31
