fix ReDoS-vulnerable regexp in addImage (parallax#3091)

yetingli · allansson · commit 3f0221487210 · 2024-06-24T13:40:45.000+02:00
diff --git a/src/modules/addimage.js b/src/modules/addimage.js
@@ -630,7 +630,7 @@ import { atob, btoa } from "../libs/AtobBtoa.js";
     var result = null;
 
     if (dataUrlParts.length === 2) {
-      var extractedInfo = /^data:(\w*\/\w*);*(charset=[\w=-]*)*;*$/.exec(
+      var extractedInfo = /^data:(\w*\/\w*);*(charset=(?!charset=)[\w=-]*)*;*$/.exec(
         dataUrlParts[0]
       );
       if (Array.isArray(extractedInfo)) {
