Optimize regular expression

for detecting numbers and comma-separated list of numbers.

Author: marksmith

lib/aikido/zen/scanners/sql_injection_scanner.rb

@@ -68,7 +68,7 @@ def attack?
         return false if /\A[[:alnum:]_]+\z/i.match?(@input)
 
         # If the input is a comma-separated list of numbers, ignore it.
-        return false if /\A(?:\d+(?:,\s*)?)+\z/i.match?(@input)
+        return false if /\A[\s,]*\d[\s,\d]*\z/.match?(@input)
 
         Internals.detect_sql_injection(@query, @input, @dialect)
       rescue => err