fix possible ReDoS (#1536)

* fix possible ReDoS
tradingview · Mar 8, 2024 · f1fceb5 · f1fceb5
1 parent 59ce847
commit f1fceb5
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/src/helpers/color.ts b/src/helpers/color.ts
@@ -195,11 +195,11 @@ function normalizeRgbComponent<T extends RedComponent | GreenComponent | BlueCom
 }
 
 function normalizeAlphaComponent(component: AlphaComponent): AlphaComponent {
-	return (!(component <= 0) && !(component > 0) ? 0 as AlphaComponent :
-		component < 0 ? 0 as AlphaComponent :
-			component > 1 ? 1 as AlphaComponent :
-				// limit the precision of all numbers to at most 4 digits in fractional part
-				Math.round(component * 10000) / 10000) as AlphaComponent;
+	if (component <= 0 || component > 1) {
+		return Math.min(Math.max(component, 0), 1) as AlphaComponent;
+	}
+	// limit the precision of all numbers to at most 4 digits in fractional part
+	return Math.round(component * 10000) / 10000 as AlphaComponent;
 }
 
 /**
@@ -236,8 +236,8 @@ const rgbRe = /^rgb\(\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*\)$
  * @example
  * rgba(255,234,245,0.1)
  */
-const rgbaRe = /^rgba\(\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*,\s*(-?[\d]{0,10}(?:\.\d+)?)\s*\)$/;
 
+const rgbaRe = /^rgba\(\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*,\s*(-?\d{1,10})\s*,\s*(-?\d*\.?\d+)\s*\)$/;
 function colorStringToRgba(colorString: string): Rgba {
 	colorString = colorString.toLowerCase();