Fixed a Regexp that allows bad urls to DoS you. #206

merged 1 commit into from Jul 13, 2011


None yet
2 participants

usergenic commented Jul 13, 2011

One thing you need to know about Ruby's Regexp engine is that it handles the nesting of arbitrary-length patterns very poorly in cases where it needs to backtrack.

My patch changed this:
/\A(?:%[0-9a-fA-F]{2}|[^%]+)*\z/ =~ str

To this:
/\A(?:%[0-9a-fA-F]{2}|[^%])*\z/ =~ str

It is important because if str is something like "abcdefghijklmnopqrstuvwxyz1234567890%" you are going to be sitting around while the Regexp engine tries every possible friggin combination of matches before it gives up. By removing the variable length + off the [^%] it only has the option to grab one so no permutation cycling is necessary.

That's just how it is.

raggi added a commit that referenced this pull request Jul 13, 2011

Merge pull request #206 from brendan/19451fc0463ec424fa368cac05be15c7…

Fixed a Regexp that allows bad urls to DoS you.

@raggi raggi merged commit 34f373f into rack:rack-1.3 Jul 13, 2011

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment