PDFBOX-5660: optimize/remove regex, 2nd attempt for Sonar

git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1932548 13f79535-47bb-0310-9956-ffa450edef68

Author: Maruan Sahyoun

pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java

@@ -47,7 +47,9 @@ public class PDFStreamParser extends COSParser
      */
     private static final Logger LOG = LogManager.getLogger(PDFStreamParser.class);
 
-    private static final Pattern NUMBER_PATTERN = Pattern.compile("^(?>\\d*)\\.?(?>\\d*)$");
+    // Pattern to match numbers (integers or decimals). Safe from ReDoS: no overlapping quantifiers
+    // or character classes that cause backtracking. The optional decimal group is explicit and bounded.
+    private static final Pattern NUMBER_PATTERN = Pattern.compile("^\\d*(\\.\\d*)?$");
     private static final int MAX_BIN_CHAR_TEST_LENGTH = 10;
     private final byte[] binCharTestArr = new byte[MAX_BIN_CHAR_TEST_LENGTH];
     private int inlineImageDepth = 0;