From 6d894768a492c1f7d1e5e80645c43ed9416432af Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Sat, 4 Sep 2021 14:56:23 -0700
Subject: [PATCH] fix: update regular expression to remove ReDOS

Fixes: https://github.com/stevemao/trim-off-newlines/issues/2
---
 index.js | 2 +-
 test.js  | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 46e3d57..9aaa826 100644
--- a/index.js
+++ b/index.js
@@ -1,6 +1,6 @@
 'use strict';
 
-var regex = /^(?:\r\n|\n|\r)+|(?:\r\n|\n|\r)+$/g;
+var regex = /^(?:\r|\n)+|(?:\r|\n)+$/g;
 
 module.exports = function (str) {
 	return str.replace(regex, '');
diff --git a/test.js b/test.js
index 54cdac8..f4c9ffb 100644
--- a/test.js
+++ b/test.js
@@ -19,3 +19,10 @@ it('should trim off \\r\\n', function () {
 	assert.strictEqual(trimOffNewlines('\r\nunicorns\r\n'), 'unicorns');
 	assert.strictEqual(trimOffNewlines('unicorns\r\n\r\n\r\n\r\n\r\n\r\n'), 'unicorns');
 });
+
+it('should not be susceptible to exponential backtracking', function () {
+	var start = Date.now();
+	trimOffNewlines('a' + '\r\n'.repeat(1000) + 'a');
+	var end = Date.now();
+	assert.ok(end - start < 1000, 'took too long, probably susceptible to ReDOS');
+});