Skip to content
detect possibly catastrophic, exponential-time regular expressions
Branch: master
Clone or download
Latest commit 93d23dd Mar 19, 2015
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
example
test
.travis.yml 0.12 Mar 19, 2015
LICENSE
index.js opts.limit Mar 19, 2015
package.json
readme.markdown

readme.markdown

safe-regex

detect potentially catastrophic exponential-time regular expressions by limiting the star height to 1

WARNING: This module merely seems to work given all the catastrophic regular expressions I could find scouring the internet, but I don't have enough of a background in automata to be absolutely sure that this module will catch all exponential-time cases.

browser support

build status

example

var safe = require('safe-regex');
var regex = process.argv.slice(2).join(' ');
console.log(safe(regex));
$ node safe.js '(x+x+)+y'
false
$ node safe.js '(beep|boop)*'
true
$ node safe.js '(a+){10}'
false
$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
true

methods

var safe = require('safe-regex')

var ok = safe(re, opts={})

Return a boolean ok whether or not the regex re is safe and not possibly catastrophic.

re can be a RegExp object or just a string.

If the re is a string and is an invalid regex, returns false.

  • opts.limit - maximum number of allowed repetitions in the entire regex. Default: 25.

install

With npm do:

npm install safe-regex

license

MIT

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.