AzureMonitor: Exclude ( in second capturing group for CodeQL ReDoS vulnerability (#43494)

2025-02-25 18:55:37 -06:00 · 2021-12-23 15:10:35 +01:00 · 2021-12-23 15:10:35 +01:00 · 3326c3ab7b
commit 3326c3ab7b
parent b87c737a14
1 changed files with 1 additions and 1 deletions
--- a/public/app/plugins/datasource/grafana-azure-monitor-datasource/log_analytics/querystring_builder.ts
+++ b/public/app/plugins/datasource/grafana-azure-monitor-datasource/log_analytics/querystring_builder.ts
@ -5,7 +5,7 @@ export default class LogAnalyticsQuerystringBuilder {

  generate() {
    let queryString = this.rawQueryString;
-    const macroRegexp = /\$__([_a-zA-Z0-9]+)\(([^\)]*)\)/gi;
+    const macroRegexp = /\$__([_a-zA-Z0-9]+)\(([^()]*)\)/gi;
    queryString = queryString.replace(macroRegexp, (match, p1, p2) => {
      if (p1 === 'contains') {
        return this.getMultiContains(p2);