You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Supporting them correctly is... harder than it looks like. This can match:
foobar
foobaR
foobAr
foobAR
fooBar
... and 59 strings more
and ursadb query language is not expressive enough to support this.
We can't hack around this by chopping the query in the backend to something like:
( "foo" AND (
"oob" AND (
"oba" AND (
...
) OR
"obA" AND (
)
) OR
"ooB" AND (
"oBa" AND (
...
) OR
"oBA" AND (
...
)
)
) OR "foO AND (
...
) OR "fOo" AND (
...
) OR "fOO" AND (
...
) ...
Because of exponential growth.
OTOH I feel like like this can solved with a C++ method (needs investigation). In this case we need to introduce nocase strings to ursadb.
Needs investigation (if this results in too many false positives, we may as well give up).
The text was updated successfully, but these errors were encountered:
Right now, we just ignore strings with the nocase flag:
Supporting them correctly is... harder than it looks like. This can match:
and ursadb query language is not expressive enough to support this.
We can't hack around this by chopping the query in the backend to something like:
Because of exponential growth.
OTOH I feel like like this can solved with a C++ method (needs investigation). In this case we need to introduce
nocase
strings to ursadb.Needs investigation (if this results in too many false positives, we may as well give up).
The text was updated successfully, but these errors were encountered: