The following code in langflow-1.0.18\\src\\backend\\base\\langflow\\interface\\utils.py
could lead to a ReDoS (Regular Expression Denial of Service) attack:
pattern = r"\\{\\{(.*?)\\}\\}|\\{([^{}]+)\\}"
while True:
match = re.search(pattern, remaining_text)
`remaining_text` is the `prompt_request.template` parameter, which is transmitted by the user via a POST request:
@router.post("/prompt", status_code=200, response_model=PromptValidationResponse)
def post_validate_prompt(prompt_request: ValidatePromptRequest):
    """Validate a prompt template and report the input variables it declares.

    Args:
        prompt_request: Request body carrying ``template``, ``name`` and an
            optional ``frontend_node`` whose ``custom_fields`` and ``template``
            are forwarded to the extraction step.

    Returns:
        A ``PromptValidationResponse``. When no ``frontend_node`` is supplied the
        response carries an empty variable list and ``frontend_node=None``.

    Raises:
        HTTPException: status 500 wrapping any exception raised during
            processing, with the exception text as ``detail``.
    """
    try:
        frontend_node = prompt_request.frontend_node
        # Nothing to validate against without a frontend node.
        if not frontend_node:
            return PromptValidationResponse(input_variables=[], frontend_node=None)

        # The template comes straight from the POST body; no length or content
        # check is applied here before it reaches process_prompt_template.
        variables = process_prompt_template(
            template=prompt_request.template,
            name=prompt_request.name,
            custom_fields=frontend_node.custom_fields,
            frontend_node_template=frontend_node.template,
        )
        return PromptValidationResponse(
            input_variables=variables,
            frontend_node=frontend_node,
        )
    except Exception as e:
        logger.exception(e)
        # NOTE(review): str(e) is returned to the client verbatim; confirm that
        # exceptions raised here never carry detail that should stay server-side.
        raise HTTPException(status_code=500, detail=str(e)) from e
https://devina.io/redos-checker
Input malicious ReDoS statements according to the image below, or send a crafted request via POST.