[ruby/uri] Fix quadratic backtracking on invalid port number

https://hackerone.com/reports/1958260 https://github.com/ruby/uri/commit/9d7bcef1e6
author: Nobuyoshi Nakada <nobu@ruby-lang.org> 2023-04-22 20:09:10 +0900
committer: git <svn-admin@ruby-lang.org> 2023-06-29 01:07:52 +0000
commit: 995ce947bed7e92bcda185f164d43089e6a1cf5e (patch)
tree: 6ce30847e79472789688403c9306cc137da00dec /lib/uri/rfc3986_parser.rb
parent: 1eff362492f4a0ca8d6d036c958afa7961e827f0 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
index 41fbea4b03..092a1ac89d 100644
--- a/lib/uri/rfc3986_parser.rb
+++ b/lib/uri/rfc3986_parser.rb
@@ -164,7 +164,7 @@ module URI
         QUERY: %r[\A(?:%\h\h|[!$&-.0-9:;=@A-Z_a-z~/?])*+\z],
         FRAGMENT: %r[\A#{FRAGMENT}\z]o,
         OPAQUE: %r[\A(?:[^/].*)?\z],
-        PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
+        PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
       }
     end
author	Nobuyoshi Nakada <nobu@ruby-lang.org>	2023-04-22 20:09:10 +0900
committer	git <svn-admin@ruby-lang.org>	2023-06-29 01:07:52 +0000
commit	995ce947bed7e92bcda185f164d43089e6a1cf5e (patch)
tree	6ce30847e79472789688403c9306cc137da00dec /lib/uri/rfc3986_parser.rb
parent	1eff362492f4a0ca8d6d036c958afa7961e827f0 (diff)