Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implementing lexer with runtime expression validation #1516

Merged
merged 3 commits into from
Jan 26, 2022
Merged

Implementing lexer with runtime expression validation #1516

merged 3 commits into from
Jan 26, 2022

Conversation

Mzack9999
Copy link
Member

@Mzack9999 Mzack9999 commented Jan 19, 2022
edited
Loading

Proposed changes

This PR refactors the expression identification logic with a pseudo-lexer that performs runtime validation of potential matches. Expressions containing placeholders and/or helper functions are evaluated (eg {{a+b}}, whereas literals containing only base types are not (eg {{'a' + 'b'}}).

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

Closes https://github.com/projectdiscovery/jira-backlogs/issues/133

@Mzack9999 Mzack9999 self-assigned this Jan 19, 2022
@Mzack9999 Mzack9999 added Type: Enhancement Most issues will probably ask for additions or changes. Status: In Progress This issue is being worked on, and has someone assigned. labels Jan 19, 2022
This was linked to issues Jan 19, 2022
nuclei variable seems to parse numbers differently #1497
Closed
DSL expression separators between quotes should be considered as strings #1501
Closed
@Mzack9999 Mzack9999 added Status: Review Needed The issue has a PR attached to it which needs to be reviewed and removed Status: In Progress This issue is being worked on, and has someone assigned. labels Jan 19, 2022
@Mzack9999 Mzack9999 mentioned this pull request Jan 20, 2022
Closed
4 tasks
@Mzack9999 Mzack9999 mentioned this pull request Jan 26, 2022
Closed
forgedhallpass
forgedhallpass reviewed Jan 26, 2022
View reviewed changes
v2/pkg/protocols/common/expressions/expressions.go
// maxIterations to avoid infinite loop
const maxIterations = 250

func findExpressions(data, OpenMarker, CloseMarker string, functions map[string]govaluate.ExpressionFunction) []string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method is complex enough, so it could use an extensive unit test.

@ehsandeep ehsandeep added Status: Completed Nothing further to be done with this issue. Awaiting to be closed. and removed Status: Review Needed The issue has a PR attached to it which needs to be reviewed labels Jan 26, 2022
@ehsandeep ehsandeep merged commit 7cfa39f into dev Jan 26, 2022
@ehsandeep ehsandeep deleted the issue-1497-lexer branch January 26, 2022 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@forgedhallpass forgedhallpass forgedhallpass approved these changes

@Ice3man543 Ice3man543 Ice3man543 approved these changes

Assignees

@Mzack9999 Mzack9999

Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
4 participants
@Mzack9999 @ehsandeep @forgedhallpass @Ice3man543