bugfix: ngx.re: split() might enter infinite loops

[thibaultcha]

This is a proposed fix for #104. The issue encountered is similar to #79, but #79 cannot address this issue, since the introduced branch only runs when regex == "".

This proposes to unify the behavior triggered by ambiguous regexes, and that behavior would be to return the subject untouched (because the regex is ambiguous). I believe this behavior might be preferable than to split all characters, but sadly, it is a breaking change, alas :'(

Thoughts on how to best handle this?

[agentzh]

@thibaultcha I think we should follow perl's split's behavior here:

$ perl -e 'print join ",", split /|/, "abcd"'
a,b,c,d

[agentzh]

@thibaultcha I think instead of checking if the regex is empty, we should check if the matched separator is an empty string.

[thibaultcha]

@agentzh Updated the patch. We now mimic the Perl behavior with empty matches and with /^/ as well:

$ perl -e 'print join ":", split //, "abcd"'
a:b:c:d

$ perl -e 'print join ":", split /|/, "abcd"'
a:b:c:d

$ perl -e 'print join ":", split /()/, "abcd"'
a::b::c::d

$ perl -e 'print join ":", split /^/, "ab\ncd"'
ab
:cd

$ perl -e 'print join ":", split /^/m, "ab\ncd"'
ab
:cd

$ perl -e 'print join ":", split / ^/, "ab\ncd"'
ab
cd

$ perl -e 'print join ":", split / ^/x, "ab\ncd"'
ab
:cd

What are your thoughts on respecting this behavior?

[agentzh]

Extra blank line?

[thibaultcha]

oops, oversight...

[agentzh]

2-space indentations?

[agentzh]

Hmm, this is too hacky to scan the regex literal using string.find.

[agentzh]

I think the regex engine should handle this automatically. If not, then there must be some other issues.

[thibaultcha]

Not satisfied with it either... Open to suggestions!

[thibaultcha]

I think the regex engine should handle this automatically. If not, then there must be some other issues.

Sorry missed this. Hmm, I will investigate.

[thibaultcha]

On subj = "ab\ncd" with /^/ If we don't add the m flag, we get:

{ "a", "b\ncd" }

So we do not match on newlines automatically, but only at position 0, because it is our first character, and the rest doesn't get matched. It seemed to me (after a bit of online research) that Perl's split was giving some special care of its own to /^/, but I could definitely be wrong.

[agentzh]

Maybe you should try the "m" regex flag in the Lua split? By default, ^ only matches the beginning of the string IIRC.

[thibaultcha]

Maybe you should try the "m" regex flag in the Lua split?

You mean require users to add it themselves in the opts argument? Because Perl's split behavior is - apparently - to add the m automatically when /^/ is given.

[agentzh]

@thibaultcha Well, here we should follow our own semantics instead of perl's:

$ resty -e 'print((ngx.re.match("a\nb", "^b", "")) and "true" or "false")'
false

$ resty -e 'print((ngx.re.match("a\nb", "^b", "m")) and "true" or "false")'
true

[thibaultcha]

Makes our lives easier, I'm not against it! 😅 Will update.

[thibaultcha]

I updated the patch to not incorporate Perl's split behavior with /^/. However, to preserve the behavior introduced with #79, we still check for empty regexes. I'm not sure if we should check for all empty matches regexes like () or |, which currently have a different behavior than "":

-- empty regex:
ngx_re.split("abcd", "")   -- { "a", "b", "c", "d" }
-- others:
ngx_re.split("abcd", "|")  -- { " ", "a", "b", "c", "d" }
ngx_re.split("abcd", "()") -- { " ", " ", "a", "b", "c", "d" }

Should we do something about it?

[agentzh]

@thibaultcha I think instead of checking empty patterns, we should check empty captures instead.

[thibaultcha]

I'm not sure what you mean, nor how.

[agentzh]

@thibaultcha Just check if the separator pattern actually matches any non-zero length of input data (by checking the pos returned by PCRE). If yes, simply move the cursor to the next character of the input.

[thibaultcha]

@agentzh Sorry for the delay! I pushed a new version of the patch. Moving to the next character on empty matches (what the patch was already doing, but only for empty regexes) does not seem to be enough for cases like:

$ perl -e 'print join ":", split /^/m, "ab\ncd"'
ab
:cd

We now mimic this behavior in ngx_re.split() if the user specifies the m flag:

ngx_re.split("ab\ncd", "^", "m")
{ "ab\n", "cd" }

To do this we handle empty matches by running a second time the regex further ahead, it seems to be the only way to do satisfy both the empty regex and the /^/m one.

Let me know what you think of it!

PS: I don't really like this code duplication between the max and the non-max branches. It leads to an overly complicated function at first look, and needs twice as many tests for both branches :/

[thibaultcha]

@agentzh Have you had some time to review this? Considering it is a bugfix, I think it needs some attention. As pointed out in my previous comment, I think we need to look-ahead when such empty matches happen, to know how many characters must be skipped (not necessary the next character as previously mentioned, implemented). Thanks!

[agentzh]

@thibaultcha It looks strange to me to perform a second match in the same location. Why? You said it is "the only way", but I still don't understand it. Will you elaborate?

[thibaultcha]

Sure, this needs elaboration. So, considering the following string:

"abcd\nefgh"

And the following regex:

/^/m

We have a match at characters 0 and 5. If the only thing we do is moving to the next character after the first match, we have something like the following result:

{ "a", "bcd", "e", "fgh" }

Because our function is not smart enough to know that an empty match does not necessarily mean we are splitting char-by-char. What we need is keep the first match (0), and find where the next match is (we know it'll be empty too), which will be 5. We can then deduce our first sub-string is 1 to 4:

{ "abcd" }

Otherwise, a simple increment would have cut 0 to 1, and then 2 to 4:

{ "a", "bcd" }

Simply incrementing the string pos by one would work for regexps like /()/ were we know the next character is the next match, but not for subjects were we don't know where the next empty match will be at. At least, that's what seems to be the only way (insisting on the "seems") :)

[agentzh]

@thibaultcha It appears clearer to me now. Now I'd just like to be this match's result not wasted.

[agentzh]

Maybe we should not backtrack to the old position? This way we can make this extra match not get wasted. The same applies to the to index returned by this extra match.

[thibaultcha]

Hmmm yeah I thought this was already the case (edited my explanatory comment), but just realized it actually is backtracking to the old position. Will try to get rid of it. Would want nothing less performant than that for lua-resty-core :)

[thibaultcha]

@agentzh I have updated the patch with a new, smaller implementation that I find myself quite found of :) None of the existing tests were modified, some were added to cover additional or missing ground.

[thibaultcha]

Also this patch was rebased on master.

[agentzh]

@thibaultcha This indeed looks much better. Thanks!

@doujiang24 @dndx Will you review this PR when you guys have a chance? Thanks!

[thibaultcha]

Ping :)

[agentzh]

@thibaultcha Sorry for the delay! I'm still waiting for @doujiang24's review :)

[doujiang24]

@thibaultcha @agentzh Sorry for the delay!
LGTM :)

[thibaultcha]

Thanks @doujiang24 !

[agentzh]

@thibaultcha Merged. Thanks!