Skip to content

Commit 8688c1a

Browse files
committed
fix: Prevent polynomial backtracking in email regex
Switch to possessive quantifiers and exclude '.' from the domain first-label class so the engine cannot backtrack across the literal dot. Addresses SonarQube S5852.
1 parent dfdc2ac commit 8688c1a

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

src/main/java/com/retailsvc/http/validate/DefaultValidator.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ public final class DefaultValidator implements Validator {
4747

4848
private record FormatCheck(Predicate<String> isValid, String message) {}
4949

50-
private static final Pattern EMAIL = Pattern.compile("^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$");
50+
private static final Pattern EMAIL = Pattern.compile("^[^\\s@]++@[^\\s@.]++\\.[^\\s@]++$");
5151

5252
private static final Pattern HOSTNAME =
5353
Pattern.compile(

0 commit comments

Comments
 (0)