⛔️ Error on line 41 in https://github.com/nficano/python-lambda/blob/master/aws_lambda/helpers.py#L41
PY033: Inefficient Regular Expression Complexity
The call to 're.search' with regex pattern 'r"^\${(?P<environment_key_name>\w+)*}$"' is susceptible to catastrophic backtracking and may cause performance degradation.
40 if val is not None and isinstance(val, str):
❱ 41 match = re.search(r"^\${(?P<environment_key_name>\w+)*}$", val)
42 if match is not None:
While doing some static analysis, I found that this bit of code is vulnerable to a ReDoS (regular expression denial-of-service).
https://github.com/nficano/python-lambda/blob/master/aws_lambda/helpers.py#L41
To recreate in a small sample:
Running this code will hang for a very long time.
Thus in the original code, if an environment variable is set to "${aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!}" you'll get a similar denial-of-service.
https://docs.securesauce.dev/rules/PY033
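As an added example (not the issue author's sample and not the project's own code), the flagged pattern is placed beside a linear-time equivalent that accepts exactly the same strings, wrapped in a small helper that mirrors the `isinstance(val, str)` guard quoted from `helpers.py`. The function names `placeholder_key` and `timed_key` and all inputs are constructed for this example.

```python
import re
import time

# Regex quoted in the report: the nested quantifier (\w+)* lets the engine
# split a run of word characters in exponentially many ways before it can
# give up on an input shaped like "${aaaa...!}".
VULNERABLE = re.compile(r"^\${(?P<environment_key_name>\w+)*}$")

# Hardened equivalent (added here, not the project's code). It accepts the
# same set of strings, but with a single quantifier there is only one way to
# consume the word characters, so a failed match costs linear time. The
# trailing `?` keeps the group None on "${}" exactly as (\w+)* did.
SAFE = re.compile(r"^\$\{(?P<environment_key_name>\w+)?\}$")


def placeholder_key(val, pattern=SAFE):
    """Return the key named by a "${KEY}" placeholder, or None if val is not one.

    Mirrors the guard in helpers.py (value must be a str) with the regex
    swapped for the linear-time pattern.
    """
    if val is None or not isinstance(val, str):
        return None
    match = pattern.search(val)
    if match is None:
        return None
    return match.group("environment_key_name")


def timed_key(val, pattern=SAFE):
    """Return (key, seconds) so both patterns can be compared on one input."""
    start = time.perf_counter()
    key = placeholder_key(val, pattern)
    return key, time.perf_counter() - start


if __name__ == "__main__":
    # Constructed inputs: a normal placeholder, an empty one, and the
    # pathological shape from the report. Keep the run short for VULNERABLE;
    # each extra 'a' roughly doubles its running time on a non-match.
    for val in ["${DB_PASSWORD}", "${}", "${" + "a" * 14 + "!}"]:
        print(val, "vulnerable:", timed_key(val, VULNERABLE), "safe:", timed_key(val, SAFE))
    # The safe pattern rejects the 52-character payload from the report instantly.
    print(timed_key("${" + "a" * 52 + "!}", SAFE))
```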