From e6a93dcc699a9cfd6cbc1963c03c6efa74c60d4e Mon Sep 17 00:00:00 2001
From: Devin Binnie <52460000+devinbinnie@users.noreply.github.com>
Date: Tue, 28 Feb 2023 10:14:57 -0500
Subject: [PATCH] [MM-50569] Fix insecure win32 path regex (#2566)

---
 src/common/constants.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common/constants.ts b/src/common/constants.ts
index 4e9e4443..65977fe1 100644
--- a/src/common/constants.ts
+++ b/src/common/constants.ts
@@ -26,7 +26,7 @@ export const REGEX_EMAIL = /[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\
 export const REGEX_IPV4 = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/;
 export const REGEX_URL = /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_+.~#?&//=]*)/;
 
-export const REGEX_PATH_WIN32 = /(?:[a-z]:)?[/\\](?:[./\\ ](?![./\\\n])|[^<>:"|?*./\\ \n])+[a-zA-Z0-9]./;
+export const REGEX_PATH_WIN32 = /((?:[a-zA-Z]:|[\\/][\\/][\w\s.]+[\\/][\w\s.$]+)[\\/](?:[\w\s.]+[\\/])+)([\w\s.]+)[$'"\s]/;
 export const REGEX_PATH_DARWIN = /([/]{1}[a-z0-9.]+)+(\/?)|^([/])/;
 export const REGEX_PATH_LINUX = /([/]{1}[a-z0-9.]+)+(\/?)|^([/])/; // same as darwin