Open GoogleCodeExporter opened 8 years ago
The class `Idents` may cause a ReDoS attack. File: [Idents.java](https://github.com/flyingsaucerproject/flyingsaucer/blob/master/flying-saucer-core/src/main/java/org/xhtmlrenderer/css/constants/Idents.java)

`Pattern CSS_LENGTH_PATTERN = Pattern.compile(RCSS_LENGTH);` gets poor performance on some data. Test code is below:

```java
import java.util.regex.Pattern;

public class R2Test {
    private final static String RCSS_NUMBER = "(-)?((\\d){1,10}((\\.)(\\d){1,10})?)";
    private final static String RCSS_LENGTH = "((0$)|((" + RCSS_NUMBER + ")+"
            + "((em)|(ex)|(px)|(cm)|(mm)|(in)|(pt)|(pc)|(%))))";
    private final static Pattern CSS_LENGTH_PATTERN = Pattern.compile(RCSS_LENGTH);

    public static void main(String[] args) {
        // TEST1..TEST4: each input has one more digit than the previous one,
        // followed by a trailing comma so the match must fail
        String[] inputs = {
            "1111111111111111111111,",
            "11111111111111111111111,",
            "111111111111111111111111,",
            "1111111111111111111111111,"
        };
        for (String input : inputs) {
            long start = System.currentTimeMillis();
            looksLikeALength(input);
            System.out.println((System.currentTimeMillis() - start) + " ms");
        }
    }

    public static boolean looksLikeALength(String val) {
        return CSS_LENGTH_PATTERN.matcher(val).matches();
    }
}
```

Test result:

```
960 ms
1912 ms
3753 ms
7650 ms
```
Original issue reported on code.google.com by jht5...@gmail.com on 26 Sep 2014 at 2:17
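The doubling in the timings above comes from the `(RCSS_NUMBER)+` wrapper: the engine can split a run of digits into 1-to-10-digit chunks in exponentially many ways, and it tries all of them before the unit alternation fails on the trailing comma. The Java program below is an added example, not code from the report or from Flying Saucer. It puts the reported pattern beside a rewritten one that drops the outer `+` and uses non-capturing groups (the replacement pattern, the class name and the input strings are this example's own assumptions), prints where the two agree and disagree, and times both on the 22-digit input from TEST1.

```java
import java.util.regex.Pattern;

public class CssLengthPatternFix {
    // Pattern as reported: (RCSS_NUMBER)+ lets the engine split a long digit run
    // into exponentially many 1-10 digit chunks before the unit alternation fails.
    private static final String RCSS_NUMBER = "(-)?((\\d){1,10}((\\.)(\\d){1,10})?)";
    private static final Pattern REPORTED = Pattern.compile(
            "((0$)|((" + RCSS_NUMBER + ")+((em)|(ex)|(px)|(cm)|(mm)|(in)|(pt)|(pc)|(%))))");

    // Proposed replacement (an assumption of this example, not the project's code):
    // a CSS length carries exactly one number, so the outer + is dropped and the
    // groups become non-capturing. With no nested quantifier left, a failing match
    // backtracks only a bounded number of steps per character.
    private static final Pattern LINEAR = Pattern.compile(
            "0|-?\\d{1,10}(?:\\.\\d{1,10})?(?:em|ex|px|cm|mm|in|pt|pc|%)");

    static boolean looksLikeALength(Pattern p, String val) {
        return p.matcher(val).matches();
    }

    // Wall-clock milliseconds for one full-match attempt.
    static long millis(Pattern p, String val) {
        long start = System.nanoTime();
        looksLikeALength(p, val);
        return (System.nanoTime() - start) / 1_000_000L;
    }

    public static void main(String[] args) {
        // Constructed inputs on which both patterns give the same answer ...
        String[] agree = {"0", "0px", "12px", "-1.5em", "100%", "0.5in", "1234567890pt",
                          "", "px", "12", "1.px", "12 px", "1e3px", "1.2.3px"};
        // ... and constructed inputs the reported pattern accepts only because the
        // extra + lets several numbers run together or exceed the 10-digit bound.
        String[] diverge = {"1-2px", "1.23.4px", "12345678901px"};

        System.out.println("input            reported  linear");
        for (String s : agree) {
            System.out.printf("%-16s %-9b %b%n", '"' + s + '"',
                    looksLikeALength(REPORTED, s), looksLikeALength(LINEAR, s));
        }
        for (String s : diverge) {
            System.out.printf("%-16s %-9b %b   <- differs%n", '"' + s + '"',
                    looksLikeALength(REPORTED, s), looksLikeALength(LINEAR, s));
        }

        // The TEST1 input from the report: 22 digits and no unit. The reported
        // pattern takes on the order of a second here; the rewritten one fails at once.
        String slowInput = "1111111111111111111111,";
        System.out.println("reported: " + millis(REPORTED, slowInput) + " ms");
        System.out.println("linear:   " + millis(LINEAR, slowInput) + " ms");
    }
}
```

The three "differs" rows show that the rewrite is stricter than the reported pattern: strings such as `1-2px` or `1.23.4px` were only ever accepted as a side effect of the `+`, and a digit run longer than ten now fails instead of being silently split across iterations, which is worth a check against whatever callers feed `looksLikeALength`. If the project prefers the smallest possible change, making the repetition possessive (`(RCSS_NUMBER)++`) also removes the backtracking, since nothing after the group can consume a digit; bounding the length of a value before it reaches the regex is a second, independent safeguard.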