This repository has been archived by the owner on May 14, 2020. It is now read-only.
Rule 941130: False positive #1582
Labels
Comments
|
This issue has been open 120 days with no activity. Remove the stale label or comment, or this will be closed in 14 days |
github-actions
bot
added
the
Stale issue
|
The issue still exists, not sure tagging it as stale and closing it is the right way forward :) |
|
Correct. Yes so far nobody seemed to care enough to actually get going on this. I have added it to the next meeting. Chances are we will find a volunteer that way. |
dune73
added
Meeting Agenda
and removed
Stale issue
|
Thanks! I'm hoping to get a bit of time to focus on them in the coming weeks/months otherwise. |
|
We took this to our CRS Meetup in Bern and wrote a fix together: #1701 Removing it from the meeting agenda. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Type of Issue
False positive.
Description
The rule incorrectly (I think) match patterns finishing with
base64.Specifically, because of the starting
[\s\S], patterns likeblablabase64will match.I suspect the reason is that the regex tries to do too many things.
Specifically, trying to touch the starting condition to simply be
[\s]break the match of patterns like<!ENTITY % cgger SYSTEM.Not sure what a fix would be besides moving
[\s\S]inside the OR condition of each pattern.Confirmation
[X] I have removed any personal data (email addresses, IP addresses,
passwords, domain names) from any logs posted.
The text was updated successfully, but these errors were encountered: