17 lines
778 B
Plaintext
17 lines
778 B
Plaintext
Far from being quick and efficient, regular expression evaluation can lead to an exponential number of evaluation paths in the worst case. Use a vulnerable regular expression, and with the right inputs it could bring your system to its knees, resulting in a Denial of Service.
|
|
|
|
|
|
Specifically, a vulnerable regex is one that contains a repeated group (E.G. ``++(x)*++`` ), and inside that group there is either further repetition or overlapping alternation (E.G. ``++ab|aba++`` ).
|
|
|
|
|
|
== Noncompliant Code Example
|
|
|
|
[source,text]
|
|
----
|
|
public void testInput(String input) {
|
|
input.replaceAll("(x+)*", ""); // Noncompliant; group is repeated and contains repetition
|
|
input.replaceAll("(ab|aba)+", ""); // Noncompliant; group is repeated and contains overlapping alternation
|
|
}
|
|
----
|
|
|