From 749920540204496f8a32152bbb7b467ffca0b0a6 Mon Sep 17 00:00:00 2001
From: Jamie Davis <davisjam@vt.edu>
Date: Sat, 24 Feb 2018 16:43:04 -0500
Subject: [PATCH] Fix: remove catastrophic backtracking vulnerability

Change template substitution regex to exclude fields with whitespace.
This addresses possible O(n^2) catastrophic backtracking behavior.

Very unlikely to be exploited. For #10002.
---
 lib/util/interpolate.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/util/interpolate.js b/lib/util/interpolate.js
index e0f2d027d197..d02f0933aea7 100644
--- a/lib/util/interpolate.js
+++ b/lib/util/interpolate.js
@@ -13,7 +13,12 @@ module.exports = (text, data) => {
     if (!data) {
         return text;
     }
-    return text.replace(/\{\{\s*([^{}]+?)\s*\}\}/g, (fullMatch, term) => {
+
+    // Substitution content for any {{ }} markers.
+    return text.replace(/\{\{([^{}]+?)\}\}/g, (fullMatch, term) => {
+
+        // Strip leading and trailing whitespace.
+        term = term.replace(/^\s+|\s+$/g, "");
         if (term in data) {
             return data[term];
         }