Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Curl_fnmatch takes too long time on complicated pattern #2291
I did this
Run test case 1307 with the attached patch applied. This is OSS-fuzz issue 5908 (still not open to the public).
I expected the following
The test should execute swiftly and return error/success.
The execution of unit1307 takes many seconds. On my 3.5GHz machine, it takes more than 7 seconds. On slower hardware it can take much more time.
Both 7.58.0 and git master work like this
I'm quite busy right now, but I'll do some profiling on it ASAP and report here.
Your attached patch shows empty here... without patch, runtest.pl 1307 takes less than a second here. If not yet to be disclosed, you can send this patch to my perso e-mail :-)
Strange: can get it with curl, but FF does not show it :-(
Now that I can see it, I have a straightforward explanation: this is a pathological case!
I think I can develop a patch for this particular case, but we can think of other pathological cases, like
IMHO, the only way to avoid them is to compile the pattern into a Deterministic Finite Automaton first, then apply this DFA to the string. The drawbacks are: bigger code, possible more time consumed in non-pathological cases and possible high memory needs depending on the pattern. By using such a DFA, backtracking is never needed. But maybe this is a bit "overthought" for such an insignifiant function ...?
I'll submit a PR with a fix for the