From c2eea36cc8fc3fc4b53e3b4f60dbc433601c4e08 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebasti=C3=A1n=20Ram=C3=ADrez?= <tiangolo@gmail.com>
Date: Fri, 9 Feb 2024 17:25:22 +0100
Subject: [PATCH] =?UTF-8?q?=E2=9C=85=20Add=20ReDos=20check=20test=20(#81)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tests/test_multipart.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tests/test_multipart.py b/tests/test_multipart.py
index 031515b..2ceecab 100644
--- a/tests/test_multipart.py
+++ b/tests/test_multipart.py
@@ -270,6 +270,11 @@ def test_handles_ie6_bug(self):
         t, p = parse_options_header(b'text/plain; filename="C:\\this\\is\\a\\path\\file.txt"')
 
         self.assertEqual(p[b'filename'], b'file.txt')
+    
+    def test_redos_attack_header(self):
+        t, p = parse_options_header(b'application/x-www-form-urlencoded; !="\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\')
+        # If vulnerable, this test wouldn't finish, the line above would hang
+        self.assertIn(b'"\\', p[b'!'])
 
 
 class TestBaseParser(unittest.TestCase):