Commit 5b6b257

adamchainz authored and carltongibson committed
[3.2.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regular expressions.
Thanks to Benjamin Balder Bach for the report.
1 parent 33affaf commit 5b6b257

File tree

3 files changed: +12 -2 lines changed

django/urls/resolvers.py

Lines changed: 1 addition & 1 deletion
@@ -303,7 +303,7 @@ def __init__(self, prefix_default_language=True):
303303
@property
304304
def regex(self):
305305
# This is only used by reverse() and cached in _reverse_dict.
306-
return re.compile(self.language_prefix)
306+
return re.compile(re.escape(self.language_prefix))
307307

308308
@property
309309
def language_prefix(self):
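Review bot: `re.escape` on the replacement line is the right fix for the active locale being compiled as a pattern, but the comment above it still only says the value is cached in `_reverse_dict`; add a sentence there stating that `language_prefix` must be matched as a literal string, since a later refactor that drops the escape would silently reintroduce the bug. It is also worth confirming that no other code path compiles `language_prefix` directly, because this hunk only covers the `regex` property.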

docs/releases/3.2.16.txt

Lines changed: 5 additions & 1 deletion
@@ -6,4 +6,8 @@ Django 3.2.16 release notes
66

77
Django 3.2.16 fixes a security issue with severity "medium" in 3.2.15.
88

9-
...
9+
CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs
10+
===================================================================================
11+
12+
Internationalized URLs were subject to potential denial of service attack via
13+
the locale parameter.
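Review bot: the new release-notes section does not credit the reporter even though the commit message thanks Benjamin Balder Bach; add the usual "Thanks to Benjamin Balder Bach for the report." line after the description. The description also stops at "the locale parameter" without saying where the problem lay; one clause such as "because the active language prefix was compiled as a regular expression when reversing internationalized URL patterns" would let readers judge their exposure without reading the diff.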

tests/i18n/patterns/tests.py

Lines changed: 6 additions & 0 deletions
@@ -172,6 +172,12 @@ def test_translate_url_utility(self):
172172
self.assertEqual(translate_url('/nl/gebruikers/', 'en'), '/en/users/')
173173
self.assertEqual(translation.get_language(), 'nl')
174174

175+
def test_locale_not_interepreted_as_regex(self):
176+
with translation.override("e("):
177+
# Would previously error:
178+
# re.error: missing ), unterminated subpattern at position 1
179+
reverse("users")
180+
175181

176182
class URLNamespaceTests(URLTestCaseBase):
177183
"""
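Review bot: the new test name is misspelled: `test_locale_not_interepreted_as_regex` should be `test_locale_not_interpreted_as_regex`. The test also only checks that `reverse("users")` no longer raises; assert on the returned value as well (for example that it starts with `/e(/`, given that `translate_url('/nl/gebruikers/', 'en')` in the context above yields `/en/users/`), so a regression that swallows the error but returns a wrong path is still caught.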
