Add timeout to regex matching to prevent ReDoS

Copilot · waldekmastykarz · Copilot · commit bfae8d3800a5 · 2026-02-22T10:26:40.000Z
Co-authored-by: waldekmastykarz &lt;11164679+waldekmastykarz@users.noreply.github.com&gt;
diff --git a/DevProxy.Plugins/Mocking/MockStdioResponsePlugin.cs b/DevProxy.Plugins/Mocking/MockStdioResponsePlugin.cs
@@ -268,7 +268,7 @@ Configuration.Mocks is null ||
 
             // Check if stdin matches the body regex
             if (hasBodyRegex &&
-                !Regex.IsMatch(stdinBody, mockResponse.Request.BodyRegex!, RegexOptions.IgnoreCase))
+                !Regex.IsMatch(stdinBody, mockResponse.Request.BodyRegex!, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(5)))
             {
                 return false;
             }

Original file line number	Diff line number	Diff line change
`@@ -268,7 +268,7 @@ Configuration.Mocks is null \|\|`
`268`	`268`
`269`	`269`	`// Check if stdin matches the body regex`
`270`	`270`	`if (hasBodyRegex &&`
`271`		`- !Regex.IsMatch(stdinBody, mockResponse.Request.BodyRegex!, RegexOptions.IgnoreCase))`
	`271`	`+ !Regex.IsMatch(stdinBody, mockResponse.Request.BodyRegex!, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(5)))`
`272`	`272`	`{`
`273`	`273`	`return false;`
`274`	`274`	`}`