From 41d6a03db32a36d10e1859cb7f5bb766630aca29 Mon Sep 17 00:00:00 2001 From: md347 <688628+md347@users.noreply.github.com> Date: Tue, 13 Feb 2024 21:54:08 +0000 Subject: [PATCH] Update FileAnalysis.cs escape backslashes in regex --- winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs b/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs index 0aa85b2..275194c 100644 --- a/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs +++ b/winPEAS/winPEASexe/winPEAS/Checks/FileAnalysis.cs @@ -158,16 +158,19 @@ namespace winPEAS.Checks bool is_re_match = false; try { + // Escape backslashes in the regex string + string escapedRegex = regex_str.Trim().Replace(@"\", @"\\"); + // Use "IsMatch" because it supports timeout, if exception is thrown exit the func to avoid ReDoS in "rgx.Matches" if (caseinsensitive) { - is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120)); - rgx = new Regex(regex_str.Trim(), RegexOptions.IgnoreCase); + is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(120)); + rgx = new Regex(escapedRegex, RegexOptions.IgnoreCase); } else { - is_re_match = Regex.IsMatch(text, regex_str.Trim(), RegexOptions.None, TimeSpan.FromSeconds(120)); - rgx = new Regex(regex_str.Trim()); + is_re_match = Regex.IsMatch(text, escapedRegex, RegexOptions.None, TimeSpan.FromSeconds(120)); + rgx = new Regex(escapedRegex); } } catch (RegexMatchTimeoutException e)