BUG in Regex++ 3.31
Hello, All! Call to the regex_match(chkString,Match,Expression,match_not_dot_newline) causes program go into an infinite loop when chkString="http://localhost/ideas/exchange/June98/test/test.cfm" and Expression="^/(.*)*.cfm" Both Regex++ and test program are compiled with VC7.0 on WindowsXP. I have tried to play with optimisation settings, but this bug appears even in debug configuration. I understand that syntax of regular expression is incorrect, but library should rise error in this case. I hope that I'm doing something wrong and there is a workaround to this problem. With best regards, Yaroslav Govorunov, E-mail: slov@rsdn.ru http://www.rsdn.ru http://www.isapirewrite.com
YG> Both Regex++ and test program are compiled with VC7.0 on WindowsXP. I YG> have tried to play with optimisation settings, but this bug appears YG> even in debug configuration. I understand that syntax of regular YG> expression is incorrect, but library should rise error in this case. I YG> hope that I'm doing something wrong and there is a workaround to this YG> problem. Oh, I have read 'Appendix 1: Implementation notes'. This is bad, this is VERY BAD for my program :-(( Is there any way to turn nested repeats off? Or at least to check that regular expression contains nested repeats? With best regards, Yaroslav Govorunov, E-mail: slov@rsdn.ru http://www.rsdn.ru http://www.isapirewrite.com
Call to the regex_match(chkString,Match,Expression,match_not_dot_newline) causes program go into an infinite loop when chkString="http://localhost/ideas/exchange/June98/test/test.cfm" and Expression="^/(.*)*.cfm" Both Regex++ and test program are compiled with VC7.0 on WindowsXP. I have tried to play with optimisation settings, but this >bug appears even in debug configuration. I understand that syntax of regular expression is incorrect, but library should rise error in >this case. I hope that I'm doing something wrong and there is a workaround to this problem.
anything that contains (.*)* is going to get pathological: it's the classic test case that breaks all backtracking regex implementations. I hope that a future version will detect and throw and exception when something like this is used. John Maddock http://ourworld.compuserve.com/homepages/john_maddock/index.htm
Call to the regex_match(chkString,Match,Expression,match_not_dot_newline) causes program go into an infinite loop when chkString="http://localhost/ideas/exchange/June98/test/test.cfm" and Expression="^/(.*)*.cfm" Both Regex++ and test program are compiled with VC7.0 on WindowsXP. I have tried to play with optimisation settings, but this >bug appears even in debug configuration. I understand that syntax of regular expression is incorrect, but library should rise error in >this case. I hope that I'm doing something wrong and there is a workaround to this problem.
anything that contains (.*)* is going to get pathological: it's the classic test case that breaks all backtracking regex implementations. I hope that a future version will detect and throw and exception when something like
"John Maddock"
is used.
The "(.*)*" is strange ( zero or more of any character, except newline in the case above, repeated zero or more times ) but is shouldn't cause an infinite loop if that is what it is acrually doing. If it does, I think it needs to be fixed in a future release.
Hello, Edward! You wrote on Mon, 9 Sep 2002 07:54:16 -0400: ED> The "(.*)*" is strange ( zero or more of any character, except newline ED> in the case above, repeated zero or more times ) but is shouldn't ED> cause an infinite loop if that is what it is acrually doing. If it ED> does, I think it needs to be fixed in a future release. It does not cause an infinite loop. It just takes 2^N time to process (where N is string length), so on a long strings (not very long, 20-50 chars) it tooks approximately infinity :-) With best regards, Yaroslav Govorunov, E-mail: slov@rsdn.ru http://www.rsdn.ru http://www.isapirewrite.com
Hello, John! You wrote on Mon, 9 Sep 2002 12:09:37 +0100: JM> anything that contains (.*)* is going to get pathological: it's the JM> classic test case that breaks all backtracking regex implementations. JM> I hope that a future version will detect and throw and exception when JM> something like this is used. I hope so. But now we have added timer to the regex_match algorithm, so now it throws exception on timeout. This slows down algorithm, but we need this protection. Also I have found that older versions of Regex++ don't have this vulnerability. Maybe there is a way to find if regular expression contains nested repeats on creation stage? With best regards, Yaroslav Govorunov, E-mail: slov@rsdn.ru http://www.rsdn.ru http://www.isapirewrite.com
participants (3)
-
Edward Diener -
John Maddock -
Yaroslav Govorunov