From aa20be627309ea9c542f86d11f38ee650565d9f6 Mon Sep 17 00:00:00 2001
From: Jeff Widman
Date: Thu, 28 Jul 2022 20:16:57 -0700
Subject: [PATCH] Fix incomplete regular expressions for hostnames

The unescaped '.' before 'amazonaws.com' could match more hosts than expected. Discovered via CodeQL.
Fix https://github.com/dependabot/dependabot-core/security/code-scanning/6
Fix https://github.com/dependabot/dependabot-core/security/code-scanning/7
---
 docker/lib/dependabot/docker/file_parser.rb | 2 +-
 docker/lib/dependabot/docker/utils/credentials_finder.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/docker/lib/dependabot/docker/file_parser.rb b/docker/lib/dependabot/docker/file_parser.rb
index 70590c8c9b..5c3e45b38c 100644
--- a/docker/lib/dependabot/docker/file_parser.rb
+++ b/docker/lib/dependabot/docker/file_parser.rb
@@ -32,7 +32,7 @@ class FileParser < Dependabot::FileParsers::Base
 %r{^#{FROM}\s+(#{PLATFORM}\s+)?(#{REGISTRY}/)?
 #{IMAGE}#{TAG}?#{DIGEST}?#{NAME}?}x.freeze
 
-AWS_ECR_URL = /dkr\.ecr\.(?[^.]+).amazonaws\.com/.freeze
+AWS_ECR_URL = /dkr\.ecr\.(?[^.]+)\.amazonaws\.com/.freeze
 
 def parse
 dependency_set = DependencySet.new
diff --git a/docker/lib/dependabot/docker/utils/credentials_finder.rb b/docker/lib/dependabot/docker/utils/credentials_finder.rb
index 28bf4772ea..43ff7718e0 100644
--- a/docker/lib/dependabot/docker/utils/credentials_finder.rb
+++ b/docker/lib/dependabot/docker/utils/credentials_finder.rb
@@ -9,7 +9,7 @@ module Dependabot
 module Docker
 module Utils
 class CredentialsFinder
-AWS_ECR_URL = /dkr\.ecr\.(?[^.]+).amazonaws\.com/.freeze
+AWS_ECR_URL = /dkr\.ecr\.(?[^.]+)\.amazonaws\.com/.freeze
 
 def initialize(credentials)
 @credentials = credentials
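Review bot: The corrected `AWS_ECR_URL` in the file_parser.rb hunk is still unanchored at its end, so a host whose name merely contains the `dkr.ecr.<region>.amazonaws.com` substring still matches, which is the same class of over-match the commit sets out to close; if the matched string is only the registry host, ending the pattern with `\z` (`/dkr\.ecr\.(?<GROUP>[^.]+)\.amazonaws\.com\z/`, GROUP standing for the existing group name) closes it, and if the string may carry a port or path, a lookahead such as `(?=[:/]|\z)` does. The identical constant in the credentials_finder.rb hunk has the same gap. The capture reads `(?[^.]+)` in this rendering, which is not valid Ruby on its own, so presumably a named group whose `<name>` was lost in extraction; worth confirming the name survives in the file. Since both files carry a byte-identical constant, defining it once and referencing it from the other would keep the two from drifting apart again.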