From d8eae488d826de5b0e794a0ced281add0b5bdbc4 Mon Sep 17 00:00:00 2001
From: Jean Boussier
Date: Wed, 6 Dec 2023 18:11:35 +0100
Subject: [PATCH] Avoid 2nd degree polynomial regexp for sanitizing content type

This can lead ot ReDos on Ruby 3.1 and older.
---
 lib/rack/utf8_sanitizer.rb | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/rack/utf8_sanitizer.rb b/lib/rack/utf8_sanitizer.rb
index 69c5326..eea3f12 100644
--- a/lib/rack/utf8_sanitizer.rb
+++ b/lib/rack/utf8_sanitizer.rb
@@ -118,9 +118,13 @@ def sanitize_rack_input(env)
 # https://github.com/rack/rack/blob/master/lib/rack/request.rb#L42
 # Logic borrowed from Rack::Request#media_type,#media_type_params,#content_charset
 # Ignoring charset in content type.
- content_type = env['CONTENT_TYPE']
- content_type &&= content_type.split(/\s*[;,]\s*/, 2).first
- content_type &&= content_type.downcase
+ if content_type = env['CONTENT_TYPE']
+ content_type = content_type.split(/[;,]/, 2).first
+ if content_type
+ content_type.strip!
+ content_type.downcase!
+ end
+ end
 return unless @sanitizable_content_types.any? {|type| content_type == type }
 uri_encoded = URI_ENCODED_CONTENT_TYPES.any? {|type| content_type == type}