From 09014c72b4557dd1254cf68a32e50f78515f5f32 Mon Sep 17 00:00:00 2001
From: "Benjamin W. Broersma" <bw@broersma.com>
Date: Sun, 7 Jul 2024 16:02:36 +0200
Subject: [PATCH] Fix armor regex catastrophic backtracking

Fixes #466.
---
 pgpy/types.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pgpy/types.py b/pgpy/types.py
index 187d3984..e59952d1 100644
--- a/pgpy/types.py
+++ b/pgpy/types.py
@@ -52,13 +52,13 @@ class Armorable(metaclass=abc.ABCMeta):
     __armor_regex = re.compile(r"""# This capture group is optional because it will only be present in signed cleartext messages
                          (^-{5}BEGIN\ PGP\ SIGNED\ MESSAGE-{5}(?:\r?\n)
                           (Hash:\ (?P<hashes>[A-Za-z0-9\-,]+)(?:\r?\n){2})?
-                          (?P<cleartext>(.*\r?\n)*(.*(?=\r?\n-{5})))(?:\r?\n)
+                          (?P<cleartext>(^(|([^-]|- )[^\r\n]*)\r?\n)*(^(|([^-]|- )[^\r\n]*))?)(?:\r?\n)
                          )?
                          # armor header line; capture the variable part of the magic text
                          ^-{5}BEGIN\ PGP\ (?P<magic>[A-Z0-9 ,]+)-{5}(?:\r?\n)
                          # try to capture all the headers into one capture group
                          # if this doesn't match, m['headers'] will be None
-                         (?P<headers>(^.+:\ .+(?:\r?\n))+)?(?:\r?\n)?
+                         (?P<headers>(^[a-zA-Z0-9]+:\ [^\r\n]+(?:\r?\n))+)?(?:\r?\n)?
                          # capture all lines of the body, up to 76 characters long,
                          # including the newline, and the pad character(s)
                          (?P<body>([A-Za-z0-9+/]{1,76}={,2}(?:\r?\n))+)