To fix the problem, we need to modify the regular expression to remove the ambiguity that causes exponential backtracking. Specifically, we should replace the optional segments (\/?) with a more deterministic pattern. This can be achieved by ensuring that each segment of the regular expression is unambiguous and does not lead to multiple matching paths.
We will replace \/? with a more specific pattern that avoids ambiguity.
We will ensure that the regular expression remains functionally equivalent by carefully adjusting the pattern to match the same strings without causing performance issues.
Suggested fixes powered by Copilot Autofix. Review carefully before merging.
Fixes https://github.com/cloudinary-community/cloudinary-util/security/code-scanning/2
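A bounded differential check a reviewer could run before merging a rewrite like this one, as an added example that is not the project's code. The three patterns are constructed for illustration (the actual cloudinary-util regex does not appear on this page), and the function names are hypothetical.

```javascript
// Constructed patterns for illustration; NOT the regex from cloudinary-util.
// VULNERABLE: a "/" between two segments can belong to either repetition, and
// [a-z]+ nested inside (...)+ can split one run of n letters in 2^(n-1) ways.
const VULNERABLE = /^(?:\/?[a-z]+\/?)+$/;
// Naive rewrite: looks equivalent but rejects "a//b", which the old one accepts.
const NAIVE_FIX = /^\/?[a-z]+(?:\/[a-z]+)*\/?$/;
// Deterministic rewrite: same language, only one way to match any given input.
const SAFE = /^\/?[a-z]+(?:\/{1,2}[a-z]+)*\/?$/;

// Enumerate every string over `alphabet` with at most `maxLen` characters.
function* allStrings(alphabet, maxLen) {
  let layer = [""];
  for (let len = 0; len <= maxLen; len++) {
    yield* layer;
    if (len < maxLen) layer = layer.flatMap((s) => alphabet.map((c) => s + c));
  }
}

// Bounded differential check: return the inputs on which two patterns disagree.
function findDisagreements(oldRe, newRe, alphabet = ["a", "b", "/", "!"], maxLen = 6) {
  const diffs = [];
  for (const s of allStrings(alphabet, maxLen)) {
    if (oldRe.test(s) !== newRe.test(s)) diffs.push(s);
  }
  return diffs;
}

// Time one match attempt on a non-matching input: n letters followed by "!".
function timeRejectMs(re, n) {
  const input = "a".repeat(n) + "!";
  const start = performance.now();
  const matched = re.test(input);
  return { matched, ms: performance.now() - start };
}

// Short inputs only for the vulnerable pattern: its cost doubles per letter.
for (const n of [14, 16, 18]) {
  console.log(`vulnerable n=${n}: ${timeRejectMs(VULNERABLE, n).ms.toFixed(2)} ms`);
}
console.log(`safe n=50000: ${timeRejectMs(SAFE, 50000).ms.toFixed(2)} ms`);
console.log("naive fix disagreements:", findDisagreements(VULNERABLE, NAIVE_FIX).slice(0, 3));
console.log("safe disagreements:", findDisagreements(VULNERABLE, SAFE).length);
```

The exhaustive check is only evidence up to the chosen alphabet and length, so pick an alphabet that covers every character class the pattern distinguishes.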