Merge branch 'fix-re2-infinite-loop-nick' into 'security-9-3'

Fix an infinite loop in Gitlab:UntrustedRegexp See merge request !2146
author: Sean McGivern <sean@gitlab.com> 2017-07-20 16:16:00 +0300
committer: James Edwards-Jones <jedwardsjones@gitlab.com> 2017-07-21 15:13:07 +0300
commit: 83481414341b7ebb82b5a3d948b39e95fdca5289 (patch)
tree: 3934231c988f4171f61815d357da94ae0956f2af /spec/lib/gitlab/untrusted_regexp_spec.rb
parent: 2e46a584b671f5eb06b7e9c37523d7300882d44b (diff)
1 files changed, 19 insertions, 1 deletions
diff --git a/spec/lib/gitlab/untrusted_regexp_spec.rb b/spec/lib/gitlab/untrusted_regexp_spec.rb
index 66045917cb3..a2ef2a27e4c 100644
--- a/spec/lib/gitlab/untrusted_regexp_spec.rb
+++ b/spec/lib/gitlab/untrusted_regexp_spec.rb
@@ -46,10 +46,28 @@ describe Gitlab::UntrustedRegexp do
     context 'malicious regexp' do
       let(:text) { malicious_text }
       let(:regexp) { malicious_regexp }
- 
+
       include_examples 'malicious regexp'
     end
 
+    context 'empty regexp' do
+      let(:regexp) { '' }
+      let(:text) { 'foo' }
+
+      it 'returns an array of empty matches' do
+        is_expected.to eq(['', '', ''])
+      end
+    end
+
+    context 'empty capture group regexp' do
+      let(:regexp) { '()' }
+      let(:text) { 'foo' }
+
+      it 'returns arrays of empty matches in an array' do
+        is_expected.to eq([[''], [''], ['']])
+      end
+    end
+
     context 'no capture group' do
       let(:regexp) { '.+' }
       let(:text) { 'foo' }
author	Sean McGivern <sean@gitlab.com>	2017-07-20 16:16:00 +0300
committer	James Edwards-Jones <jedwardsjones@gitlab.com>	2017-07-21 15:13:07 +0300
commit	83481414341b7ebb82b5a3d948b39e95fdca5289 (patch)
tree	3934231c988f4171f61815d357da94ae0956f2af /spec/lib/gitlab/untrusted_regexp_spec.rb
parent	2e46a584b671f5eb06b7e9c37523d7300882d44b (diff)