Merge pull request #2148 from certtools/fix-2138

FIX: CodeQL exponential backtracking on strings

Author: aaronkaplan

CHANGELOG.md

@@ -94,6 +94,7 @@ CHANGELOG
   - Decorator `skip_ci` also detects `dpkg-buildpackage` environments by checking the environment variable `DEB_BUILD_ARCH` (PR#2123 by Sebastian Wagner).
 - Also test on Python 3.10 (PR#2140 by Sebastian Wagner).
 - Switch from nosetests to pytest, as the former does not support Python 3.10 (PR#2140 by Sebastian Wagner).
+- CodeQL Github Actions `exponential backtracking on strings` fixed. (PR#2148 by Sebastian Waldbauer, fixes #2138)
 
 ### Tools
 

intelmq/bots/parsers/sucuri/parser.py

@@ -22,7 +22,7 @@ def handle_data(self, data):
 
 
 parser = MyHTMLParser()
-remove_comments = re.compile(r"<!--(.|\s|\n)*?-->")
+remove_comments = re.compile(r"<!--.*?-->", re.DOTALL)
 
 
 class SucuriParserBot(ParserBot):