search

IBM / jsonsubschema

Tool for checking whether a JSON schema is a subschema of another JSON schema.
Apache License 2.0
82 stars 17 forks source link

greenery - infinite loop #5

Closed michaelfruth closed 4 years ago

michaelfruth commented 4 years ago

Hey,

I think there is a problem in the used package greenery. The method regex_meet in _utils.py can run into an infinite loop.

def regex_meet(s1, s2):
    if s1 and s2:
        ret = parse(s1) & parse(s2)
...

This error can be reproduced with following arguments:

s1 = ".{0,}"
s2 = "commonjs|amd|umd|system|es6|es2015|esnext|none"
parse(s1) & parse(s2)

The problem is the intersection (&) of the two parsed arguments. This can lead to an infinite loop.

This is fixed in the current version (GitHub) of greenery because with these sources everything works fine. The problem lies in the released version in PyPip on which jsonsubschema relies. The release in PyPip was on 04-19-2018, the last commit in the GitHub repository was on 04-10-2020. Maybe you can add a note or change the dependency somehow to GitHub of greenery?

Best Regards

andrewhabib commented 4 years ago

Hi, Thank you for reporting this. I can confirm the bug in greenery. However, it is not convenient to have the dependency on the git repository directly... specially for other libraries which depend on jsonsubschema. Let's see if the developer/owner of greenery is willing to make a new release soon.

andrewhabib commented 4 years ago

greenery developer was so kind to release a new version. So this issue should be considered resolved and I am gonna close it.