From 3c6d938077112f2ede9548c5f3ae7d583842b3cd Mon Sep 17 00:00:00 2001
From: Bianca Nenciu
Date: Wed, 25 Jan 2023 18:55:36 +0200
Subject: [PATCH] SECURITY: Prevent ReDoS in user agent parsing (#20003)

Co-authored-by: Penar Musaraj
---
 lib/mobile_detection.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/mobile_detection.rb b/lib/mobile_detection.rb
index 1ff3361a15..93bd12bae4 100644
--- a/lib/mobile_detection.rb
+++ b/lib/mobile_detection.rb
@@ -36,7 +36,9 @@ module MobileDetection
 Firefox\/1[0-9][0-9]
 }x

+ USER_AGENT_MAX_LENGTH = 400
+
 def self.modern_mobile_device?(user_agent)
- user_agent.match?(MODERN_MOBILE_REGEX)
+ user_agent[0...USER_AGENT_MAX_LENGTH].match?(MODERN_MOBILE_REGEX)
 end
 end
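Review bot: The length cap is applied only inside `modern_mobile_device?`, so the bound holds for this one call site and nothing stops another caller from running `MODERN_MOBILE_REGEX` against an untruncated header; the module body above the hunk is not visible, so any other matcher there that takes the same input should be checked for the same treatment. `USER_AGENT_MAX_LENGTH = 400` carries no comment, so a later reader cannot tell that it is a security bound rather than a tuning value; I would add `# Cap on the User-Agent characters passed to MODERN_MOBILE_REGEX so match time stays bounded for client-controlled input (ReDoS).` above it. The diffstat shows one file changed, so no spec pins the behaviour: a case with a user agent longer than the cap would keep the slice from being dropped in a later refactor. The slice still raises on a `nil` user agent, as the old line did, which matters only if callers can pass a missing header.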