Use a simpler regex to avoid potential Stack Overflow

Fixes #2165
jhy · Jul 5, 2024 · 97e6211 · 97e6211
1 parent 65589f1
commit 97e6211
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 1 deletion.
diff --git a/CHANGES.md b/CHANGES.md
@@ -37,6 +37,8 @@
   e.g.: `h1:has(+h2)`). [2137](https://github.com/jhy/jsoup/issues/2137)
 * The `:empty` selector incorrectly matched elements that started with a blank text node and were followed by 
   non-empty nodes, due to an incorrect short-circuit. [2130](https://github.com/jhy/jsoup/issues/2130) 
+* Fuzz: a Stack Overflow exception could occur when resolving a crafted `<base href>` URL, in the normalizing regex. 
+  [2165](https://github.com/jhy/jsoup/issues/2165)
 
 ---
 

diff --git a/src/main/java/org/jsoup/internal/StringUtil.java b/src/main/java/org/jsoup/internal/StringUtil.java
@@ -283,7 +283,7 @@ public static boolean isAscii(String string) {
         return true;
     }
 
-    private static final Pattern extraDotSegmentsPattern = Pattern.compile("^/((\\.{1,2}/)+)");
+    private static final Pattern extraDotSegmentsPattern = Pattern.compile("^/(?>(?>\\.\\.?/)+)");
     /**
      * Create a new absolute URL, from a provided existing absolute URL and a relative URL component.
      * @param base the existing absolute base URL

diff --git a/src/test/resources/fuzztests/67469.html.gz b/src/test/resources/fuzztests/67469.html.gz