Revert "fix: disable regexp backtracking (#160)"

This reverts commit 5ff3a07.
moxystudio · Nov 7, 2024 · 31c1712 · 31c1712
1 parent ccbaa82
commit 31c1712
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/lib/util/escape.js b/lib/util/escape.js
@@ -15,17 +15,15 @@ function escapeArgument(arg, doubleEscapeMetaChars) {
     arg = `${arg}`;
 
     // Algorithm below is based on https://qntm.org/cmd
-    // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input
-    // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information
 
     // Sequence of backslashes followed by a double quote:
     // double up all the backslashes and escape the double quote
-    arg = arg.replace(/(?=\\*?)"/g, '$1$1\\"');
+    arg = arg.replace(/(\\*)"/g, '$1$1\\"');
 
     // Sequence of backslashes followed by the end of the string
     // (which will become a double quote later):
     // double up all the backslashes
-    arg = arg.replace(/(?=\\*?)$/, '$1$1');
+    arg = arg.replace(/(\\*)$/, '$1$1');
 
     // All other backslashes occur literally