From 6d92c3cbdac431db99a450f360a3048bb3aaf458 Mon Sep 17 00:00:00 2001
From: Bianca Nenciu
Date: Wed, 25 Jan 2023 18:55:33 +0200
Subject: [PATCH] SECURITY: Prevent ReDoS in user agent parsing (#20002)
Co-authored-by: Penar Musaraj
---
 lib/mobile_detection.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/mobile_detection.rb b/lib/mobile_detection.rb
index b92523059e1..aa4a8056eb1 100644
--- a/lib/mobile_detection.rb
+++ b/lib/mobile_detection.rb
@@ -36,7 +36,9 @@ module MobileDetection
 Firefox\/1[0-9][0-9]
 }x

+ USER_AGENT_MAX_LENGTH = 400
+
 def self.modern_mobile_device?(user_agent)
- user_agent.match?(MODERN_MOBILE_REGEX)
+ user_agent[0...USER_AGENT_MAX_LENGTH].match?(MODERN_MOBILE_REGEX)
 end
 end
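Review bot: `USER_AGENT_MAX_LENGTH = 400` is introduced without a comment tying it to the ReDoS fix, so a later cleanup could raise or drop the cap without noticing that it exists to bound the input handed to `MODERN_MOBILE_REGEX`; I would add `# Cap the User-Agent passed to MODERN_MOBILE_REGEX so an oversized header cannot cause excessive regex backtracking (ReDoS).` directly above the constant. The slice in `modern_mobile_device?` also means a browser token appearing after the 400th character is no longer seen, which looks like the intended trade-off but deserves a short mention in that same comment. The diffstat lists only `lib/mobile_detection.rb`, so this patch appears to carry no spec pinning that an over-long header still returns promptly and that a normal mobile user agent still matches. The regex definition begins above the hunk, so whether the pattern itself could be tightened cannot be judged from the lines shown.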