Parser: Make attribute parsing possessive #12342
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dmsnell
added
[Type] Bug
|
Looks like this introduced no substantial difference in parsing performance for the test documents.
|
dmsnell
force-pushed
the
parser/fix-catastrophic-backtracking
branch
from
65b0e30
to
073f839
Compare
|
Added to the 4.6 milestone, would like to prioritise fixing this given potential effects. |
dmsnell
force-pushed
the
parser/fix-catastrophic-backtracking
branch
2 times, most recently
from
c7f954a
to
910ba2d
Compare
dmsnell
force-pushed
the
parser/fix-catastrophic-backtracking
branch
from
910ba2d
to
41e37c7
Compare
Bug introduced in #11369 Someone discovered high CPU usage due to catastrophic backtracking on an invalid block comment delimiter. The following input crashed the parser on the server: ```html <!-- wp:block {"a":0} / --> ``` The optimization introduced in #11369 ended up opening a place for backtracking that shouldn't be there. In this patch we're grouping the attribute parsing section of the tokenizing RegExp pattern so that we can make the group itself _possessive_ so that we abort any backtracking.
dmsnell
force-pushed
the
parser/fix-catastrophic-backtracking
branch
from
41e37c7
to
49c296c
Compare
youknowriad
pushed a commit
that referenced
this pull request
Nov 30, 2018
* Parser: Make attribute parsing possessive Bug introduced in #11369 Someone discovered high CPU usage due to catastrophic backtracking on an invalid block comment delimiter. The following input crashed the parser on the server: ```html <!-- wp:block {"a":0} / --> ``` The optimization introduced in #11369 ended up opening a place for backtracking that shouldn't be there. In this patch we're grouping the attribute parsing section of the tokenizing RegExp pattern so that we can make the group itself _possessive_ so that we abort any backtracking. * add test and fix broken fix * really fix default JS parser * add explanatory comment * add @SInCE comment with updated target version * version bumps
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bug introduced in #11369
Someone discovered high CPU usage due to catastrophic backtracking on
an invalid block comment delimiter. The following input crashed the
parser on the server:
<!-- wp:block {"a":0} / -->In another case a truncated excerpt crashed the server as well.
<!-- wp:image {"li<br /><br /><strong>This post was too long to display in full. Content has been truncated.</strong>The optimization introduced in #11369 ended up opening a place for
backtracking that shouldn't be there. In this patch we're grouping
the attribute parsing section of the tokenizing RegExp pattern so
that we can make the group itself possessive so that we abort
any backtracking.
Status