[PATCH] Add validation for regular expressions

Daniel Axtens dja at axtens.net
Wed Mar 21 09:58:21 AEDT 2018 

vkabatov at redhat.com writes:

> From: Veronika Kabatova <vkabatov at redhat.com>
>
> Make sure entered regexes compile before saving them.

Applied, thank you.

Regards,
Daniel

>
> Signed-off-by: Veronika Kabatova <vkabatov at redhat.com>
> ---
> Daniel, feel free to add your Reported-by.
> ---
>  patchwork/models.py | 18 ++++++++++++++----
>  1 file changed, 14 insertions(+), 4 deletions(-)
>
> diff --git a/patchwork/models.py b/patchwork/models.py
> index b249175..ff1d7dc 100644
> --- a/patchwork/models.py
> +++ b/patchwork/models.py
> @@ -29,6 +29,7 @@ import re
>  import django
>  from django.conf import settings
>  from django.contrib.auth.models import User
> +from django.core.exceptions import ValidationError
>  from django.db import models
>  from django.utils.encoding import python_2_unicode_compatible
>  from django.utils.functional import cached_property
> @@ -42,6 +43,13 @@ if settings.ENABLE_REST_API:
>      from rest_framework.authtoken.models import Token
>  
>  
> +def validate_regex_compiles(regex_string):
> +    try:
> +        re.compile(regex_string)
> +    except Exception:
> +        raise ValidationError('Invalid regular expression entered!')
> +
> +
>  @python_2_unicode_compatible
>  class Person(models.Model):
>      # properties
> @@ -74,7 +82,8 @@ class Project(models.Model):
>      listid = models.CharField(max_length=255)
>      listemail = models.CharField(max_length=200)
>      subject_match = models.CharField(
> -        max_length=64, blank=True, default='', help_text='Regex to match the '
> +        max_length=64, blank=True, default='',
> +        validators=[validate_regex_compiles], help_text='Regex to match the '
>          'subject against if only part of emails sent to the list belongs to '
>          'this project. Will be used with IGNORECASE and MULTILINE flags. If '
>          'rules for more projects match the first one returned from DB is '
> @@ -232,9 +241,10 @@ class State(models.Model):
>  class Tag(models.Model):
>      name = models.CharField(max_length=20)
>      pattern = models.CharField(
> -        max_length=50, help_text='A simple regex to match the tag in the'
> -        ' content of a message. Will be used with MULTILINE and IGNORECASE'
> -        ' flags. eg. ^Acked-by:')
> +        max_length=50, validators=[validate_regex_compiles],
> +        help_text='A simple regex to match the tag in the content of a '
> +        'message. Will be used with MULTILINE and IGNORECASE flags. eg. '
> +        '^Acked-by:')
>      abbrev = models.CharField(
>          max_length=2, unique=True, help_text='Short (one-or-two letter)'
>          ' abbreviation for the tag, used in table column headers')
> -- 
> 2.13.6

More information about the Patchwork mailing list