regexploit icon indicating copy to clipboard operation
regexploit copied to clipboard

Published 20 hours ago verified publisher icon doyensec

Feature request: timeout

Open Korving-F opened this issue 3 years ago • 2 comments

While scanning a large set of regular expressions I found some particularly nasty lines which hung my scripted scan. Perhaps a timeout flag could be added?

Korving-F avatar Mar 22 '21 13:03 Korving-F

Yeah DoS in a DoS-finding tool isn't ideal. A timeout might help.

Do you know if it was a particularly weird regex (or string which was misidentified a regex) or parsing a giant file (and which language file)?

b-c-ds avatar Mar 22 '21 20:03 b-c-ds

It was a file of collected regexes, so no extractions from language files.

See below for one of the patterns in question. In case you want to use it to debug. ^_^

(\d{10})\.\d{6}\t([^\t]+)\t(?:-|(((\d{1,3}\.){3}\d{1,3}|([A-Fa-f0-9%.]*:[A-Fa-f0-9%.:]+(th0)?))|[^\t]+))\t(?:-|(((\d{1,3}\.){3}\d{1,3}|([A-Fa-f0-9%.]*:[A-Fa-f0-9%.:]+(th0)?))|[^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+))\t(?:-|([^\t]+?))\s*

Korving-F avatar Mar 23 '21 06:03 Korving-F