rspec/rules/S6444/vbnet/rule.adoc

include::../description.adoc[]

== Sensitive Code Example

[source,vbnet]
----
Public Sub RegexPattern(Input As String)
    Dim EmailPattern As New Regex(".+@.+", RegexOptions.None)
    Dim IsNumber as Boolean = Regex.IsMatch(Input, "[0-9]+")
    Dim IsLetterA as Boolean = Regex.IsMatch(Input, "(a+)+")
End Sub
----

== Compliant Solution

[source,vbnet]
----
Public Sub RegexPattern(Input As String)
    Dim EmailPattern As New Regex(".+@.+", RegexOptions.None, TimeSpan.FromMilliseconds(100))
    Dim IsNumber as Boolean = Regex.IsMatch(Input, "[0-9]+", RegexOptions.None, TimeSpan.FromMilliseconds(100))
    Dim IsLetterA As Boolean = Regex.IsMatch(Input, "(a+)+", RegexOptions.NonBacktracking) '.Net 7 And above
    AppDomain.CurrentDomain.SetData("REGEX_DEFAULT_MATCH_TIMEOUT", TimeSpan.FromMilliseconds(100)) 'process-wide setting
End Sub
----

include::../see.adoc[]

include::../rspecator.adoc[]
Create rule S6444: RegEx evaluation should have a time out specified (#1188) 2022-12-15 11:55:35 +01:00			`include::../description.adoc[]`

			`== Sensitive Code Example`

			`[source,vbnet]`
			`----`
			`Public Sub RegexPattern(Input As String)`
			`Dim EmailPattern As New Regex(".+@.+", RegexOptions.None)`
			`Dim IsNumber as Boolean = Regex.IsMatch(Input, "[0-9]+")`
			`Dim IsLetterA as Boolean = Regex.IsMatch(Input, "(a+)+")`
			`End Sub`
			`----`

			`== Compliant Solution`

			`[source,vbnet]`
			`----`
			`Public Sub RegexPattern(Input As String)`
			`Dim EmailPattern As New Regex(".+@.+", RegexOptions.None, TimeSpan.FromMilliseconds(100))`
			`Dim IsNumber as Boolean = Regex.IsMatch(Input, "[0-9]+", RegexOptions.None, TimeSpan.FromMilliseconds(100))`
			`Dim IsLetterA As Boolean = Regex.IsMatch(Input, "(a+)+", RegexOptions.NonBacktracking) '.Net 7 And above`
			`AppDomain.CurrentDomain.SetData("REGEX_DEFAULT_MATCH_TIMEOUT", TimeSpan.FromMilliseconds(100)) 'process-wide setting`
			`End Sub`
			`----`

			`include::../see.adoc[]`

Inline adoc when include has no additional value (#1940) Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in. 2023-05-25 14:18:12 +02:00			`include::../rspecator.adoc[]`