diff options
| author | Douwe Maan <douwe@gitlab.com> | 2017-06-14 17:58:52 +0300 |
|---|---|---|
| committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2017-07-19 18:43:55 +0300 |
| commit | 5ba0577326c4f7b91bf6cfd1fde29a90ff11561d (patch) | |
| tree | aa4f8f973726ed1bed05f066c24d72ac6b10a98c /app | |
| parent | 4c9da11444df4a83fc228591d8e920ec046bc45d (diff) | |
Merge branch '24570-use-re2-for-user-supplied-regexp-9-0' into 'security-9-0'
[security-9-0] Use re2 for user-supplied regexps
See merge request !2122
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/ci/build.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index 8431c5f228c..8f64d87d635 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -251,7 +251,8 @@ module Ci def extract_coverage(text, regex) return unless regex - matches = text.scan(Regexp.new(regex)).last + regex = Gitlab::UntrustedRegexp.new(regex) + matches = regex.scan(text).last matches = matches.last if matches.is_a?(Array) coverage = matches.gsub(/\d+(\.\d+)?/).first |