FiltersCompiler

Protection from ReDoS

Open ameshkov opened this issue 2 years ago • 0 comments

Check this issue: https://github.com/AdguardTeam/AdguardBrowserExtension/issues/2240

The point is that a poor regular expression may cause the extension to completely break the browser. I suggest adding more checks for regular expressions in the filtering rules.

More on catastrophic backtracking and relevant articles:

  • https://javascript.info/regexp-catastrophic-backtracking#back-to-words-and-strings
  • https://api7.ai/blog/how-to-avoid-catastrophic-backtracking-completely
  • https://github.com/NicolaasWeideman/RegexStaticAnalysis

Instead of static analysis, we may consider checking every regular expression against a few hundred random URLs and detecting the "slow regexes" this way.

ameshkov, Dec 12 '22 11:12