From e06e432e7a04b2bb9b35347105dc211bbc9144d5 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse
Date: Fri, 19 Jul 2024 22:08:18 +0100
Subject: [PATCH 1/2] Simplify the regex to make it easier to fix the ReDoS. The new version isn't exactly equivalent to the old: it matches a superset of the strings matched by the old version.
---
 lib/autoInject.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/autoInject.js b/lib/autoInject.js
index b1f242e18..8e2e29ff2 100644
--- a/lib/autoInject.js
+++ b/lib/autoInject.js
@@ -3,7 +3,7 @@ import wrapAsync from './internal/wrapAsync.js'
 import { isAsync } from './internal/wrapAsync.js'
 
 var FN_ARGS = /^(?:async\s+)?(?:function)?\s*\w*\s*\(\s*([^)]+)\s*\)(?:\s*{)/;
-var ARROW_FN_ARGS = /^(?:async\s+)?\(?\s*([^)=]+)\s*\)?(?:\s*=>)/;
+var ARROW_FN_ARGS = /^(?:async\s+)?\s*\(?\s*([^)=]*)\s*\)?(?:\s*=>)/;
 var FN_ARG_SPLIT = /,/;
 var FN_ARG = /(=.+)?(\s*)$/;
 
From 06986422db9e90b6d121bab5f53856676a3cb354 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse
Date: Fri, 19 Jul 2024 22:15:13 +0100
Subject: [PATCH 2/2] Fix ReDoS
---
 lib/autoInject.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/autoInject.js b/lib/autoInject.js
index 8e2e29ff2..68eb3c99c 100644
--- a/lib/autoInject.js
+++ b/lib/autoInject.js
@@ -2,8 +2,8 @@ import auto from './auto.js'
 import wrapAsync from './internal/wrapAsync.js'
 import { isAsync } from './internal/wrapAsync.js'
 
-var FN_ARGS = /^(?:async\s+)?(?:function)?\s*\w*\s*\(\s*([^)]+)\s*\)(?:\s*{)/;
-var ARROW_FN_ARGS = /^(?:async\s+)?\s*\(?\s*([^)=]*)\s*\)?(?:\s*=>)/;
+var FN_ARGS = /^(?:async\s)?(?:function)?\s*(?:\w+\s*)?\(([^)]+)\)(?:\s*{)/;
+var ARROW_FN_ARGS = /^(?:async\s)?\s*(?:\(\s*)?((?:[^)=\s]\s*)*)(?:\)\s*)?=>/;
 var FN_ARG_SPLIT = /,/;
 var FN_ARG = /(=.+)?(\s*)$/;
 
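Review bot: In PATCH 1/2, changing `[^)=]+` to `[^)=]*` in `ARROW_FN_ARGS` lets the capture group match the empty string, so `() => …` (and, it appears, `async => …` where the parameter is literally named `async`) now produces an empty capture. The commit message says the new pattern accepts a superset of the old one, but the change does not record which extra inputs are accepted or how the code that consumes the capture, which lies outside this hunk, handles an empty result. I would add a comment above the pattern such as `// Capture may be empty: "() =>" matches and yields no parameter names.` and a unit test that pins the zero-parameter and single-bare-parameter arrow forms.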
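Review bot: In PATCH 2/2, the rewritten `FN_ARGS` and `ARROW_FN_ARGS` rely on an invariant that is not written down: each repeated group begins with a character class disjoint from what precedes it (for example `(?:[^)=\s]\s*)*` instead of `\s*([^)=]*)\s*`), which is what removes the overlapping quantifiers. Without a comment, a later edit can reintroduce the ambiguity, so I would add `// Adjacent quantifiers must not match the same characters (e.g. \s* next to [^)=]*): overlap makes matching super-linear on long inputs.` above the two patterns. The `FN_ARGS` capture can also now begin with whitespace, because the `\s*` after `\(` was dropped, so the consumer outside this hunk has to strip it. The diffstat lists only `lib/autoInject.js`; a regression test that checks the parsed parameter names for each function form and bounds the match time on a long input would keep the fix from silently regressing.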