Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Regular expression caused exponential backtracking on Ruby #40

Closed
aldy505 opened this issue Oct 2, 2021 · 0 comments · Fixed by #41
Closed

Regular expression caused exponential backtracking on Ruby #40

aldy505 opened this issue Oct 2, 2021 · 0 comments · Fixed by #41
Labels
bug Something isn't working good first issue Good for newcomers hacktoberfest

Comments

@aldy505
Copy link
Member

aldy505 commented Oct 2, 2021

  1. This part of the regular expression may cause exponential backtracking on strings starting with 'do|' and containing many repetitions of 'a' and on strings starting with 'do|a,' and containing many repetitions of 'aaa,'.
    { pattern: /(do\s*\|(\w+(,\s*\w+)?)+\|)/, type: 'keyword.control' },

According to the LGTM rule (click that link to see detailed rule):

Some regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length n is proportional to nk or even 2n. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service ("DoS") attack by crafting an expensive input string for the regular expression to match.

See LGTM for the detailed issue.

@aldy505 aldy505 added bug Something isn't working good first issue Good for newcomers hacktoberfest labels Oct 2, 2021
aldy505 pushed a commit that referenced this issue Oct 3, 2021
fix #40: optimize Ruby's regex pattern
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working good first issue Good for newcomers hacktoberfest
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant