

Is there any way to put malicious code into Regex? - mtrn
http://stackoverflow.com/q/4579497/89391

======
dasht
The answers given there cite denial of service attacks as the big threat.

When I wrote the regexp matcher that comes buried inside of GNU Arch, I was
careful to ensure that client programs could limit both the amount of memory and
the amount of time used to attempt a match. If the matcher runs into the
memory limit, it trades time for space and simply runs more slowly. If it runs
for too long, programs can just stop the match and free everything up. Of
course, on many normal, non-malicious patterns, the matcher is simply fast and
memory efficient.

That matcher also supports matching text that is not contiguous in memory. For
example, if your text is split up into lots of separate strings (as in a DOM),
this matcher can treat those as if they were all one long string.
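The comment above describes a matcher whose callers can cap both time and memory. The following is an added example (it is not dasht's matcher, nor any code from GNU Arch) that applies the same defensive idea on top of Python's standard `re` module, which has no built-in limits: the match runs in a child interpreter so the caller can kill it at a deadline and cap its address space with `resource.setrlimit` (assumed to be a POSIX host; the memory cap is skipped where that call is unavailable). The patterns and inputs are constructed for illustration.

```python
import json
import subprocess
import sys

# Source of the child interpreter. It applies an address-space cap, runs one
# search, and reports the outcome as a single JSON line on stdout.
_CHILD_SRC = r"""
import json, re, sys
pattern, text, mem_bytes = sys.argv[1], sys.argv[2], int(sys.argv[3])
try:
    import resource  # POSIX only; absent on Windows
    resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
except (ImportError, ValueError, OSError):
    pass  # no memory cap available on this platform; the time cap still applies
try:
    matched = re.search(pattern, text) is not None
    print(json.dumps({"status": "done", "matched": matched}))
except MemoryError:
    print(json.dumps({"status": "memory"}))
"""


def bounded_search(pattern, text, timeout_s=1.0, mem_bytes=512 * 1024 * 1024):
    """Run re.search(pattern, text) under a wall-clock and memory ceiling.

    Returns a dict whose "status" is one of "done", "timeout", "memory" or
    "error"; on "done" it also carries "matched". The search runs in a child
    interpreter because a backtracking match inside the current process cannot
    be interrupted, whereas a child can simply be killed when the deadline passes.
    """
    cmd = [sys.executable, "-c", _CHILD_SRC, pattern, text, str(mem_bytes)]
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout_s)
    except subprocess.TimeoutExpired:
        # subprocess.run kills the child before raising, so no runaway matcher survives
        return {"status": "timeout"}
    if proc.returncode != 0 or not proc.stdout.strip():
        return {"status": "error", "detail": proc.stderr.strip()}
    return json.loads(proc.stdout)


if __name__ == "__main__":
    # Constructed inputs: a benign address-shaped check, then a classic
    # catastrophic-backtracking pattern on an input that can never match.
    print(bounded_search(r"^[a-z]+@example\.com$", "alice@example.com"))
    print(bounded_search(r"(a+)+$", "a" * 40 + "b"))
```

The second call would otherwise run for an impractically long time, since `(a+)+$` on forty `a`s followed by `b` forces the backtracking engine through an exponential number of partitions; with the ceiling in place the caller gets `{"status": "timeout"}` after one second and the child is gone. The cost is a process spawn per match, which is acceptable for untrusted patterns at API boundaries but not for a hot inner loop; there the better fix is a matcher with linear-time guarantees, as the comment's design does by degrading gracefully under a memory cap.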

------
bediger
This paper might have some answers:
[http://www.usenix.org/event/woot08/tech/full_papers/drewry/d...](http://www.usenix.org/event/woot08/tech/full_papers/drewry/drewry_html/)

