== Why is this an issue?
Far from being quick and efficient, regular expression evaluation can lead to an exponential number of evaluation paths in the worst case. Use a vulnerable regular expression, and with the right inputs it could bring your system to its knees, resulting in a Denial of Service.
Specifically, a vulnerable regex is one that contains a repeated group (e.g. ``++(x)*++``) whose body itself contains either further repetition or overlapping alternation (e.g. ``++ab|aba++``).
=== Noncompliant code example
[source,java]
----
public void testInput(String input) {
  input.replaceAll("(x+)*", ""); // Noncompliant; group is repeated and contains repetition
  input.replaceAll("(ab|aba)+", ""); // Noncompliant; group is repeated and contains overlapping alternation
}
----
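To make the two structures from the description concrete, here is a small added checker that flags exactly them: a repeated group that nests further repetition, or a repeated group whose literal alternatives overlap as prefixes. It is illustrative code written for this page, not the rule's own implementation, and it assumes a simplified regex syntax (groups, `|`, `*`, `+`, `{m,n}` and backslash escapes, with alternatives compared only when they are plain literals).

```python
import re

def _top_level_alternatives(body):
    """Split a group body on '|' characters that are not inside a nested group."""
    parts, cur, depth, i = [], "", 0, 0
    while i < len(body):
        c = body[i]
        if c == "\\":                      # keep an escaped character with its backslash
            cur += body[i:i + 2]
            i += 2
            continue
        depth += (c == "(") - (c == ")")
        if c == "|" and depth == 0:
            parts.append(cur)
            cur = ""
        else:
            cur += c
        i += 1
    return parts + [cur]

def _overlapping(alternatives):
    """True when one literal alternative is a prefix of another, as in ab|aba."""
    lits = [a for a in alternatives if re.fullmatch(r"[A-Za-z0-9 ]+", a)]
    return any(x != y and y.startswith(x) for x in lits for y in lits)

def find_redos_candidates(pattern):
    """Report every repeated group that nests repetition or overlapping alternation."""
    findings, stack, i = [], [], 0
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":                      # skip escaped characters such as \( or \+
            i += 2
            continue
        if c == "(":
            stack.append(i)                # remember where this group opened
        elif c == ")":
            start = stack.pop()
            m = re.match(r"[*+]|\{\d*,?\d*\}", pattern[i + 1:])   # is the group repeated?
            if m:
                quant = m.group()
                body = pattern[start + 1:i]
                body = body[2:] if body.startswith("?:") else body   # drop non-capturing prefix
                if re.search(r"(?<!\\)[*+{]", body):   # unescaped quantifier inside the group
                    findings.append(f"({body}){quant}: repeated group contains repetition")
                elif _overlapping(_top_level_alternatives(body)):
                    findings.append(f"({body}){quant}: repeated group contains overlapping alternation")
        i += 1
    return findings
```

Run over the two noncompliant patterns above it reports both; `(ab|cd)+`, whose alternatives do not overlap, is reported as clean.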