|
Boost Users : |
Subject: Re: [Boost-users] [regex] Mitigating mischief and malice
From: John Maddock (boost.regex_at_[hidden])
Date: 2011-02-28 13:02:40
>>> Say you wanted to give web users a boost::regex interface to a set of
>>> data, knowing that some will try to use it for mischief and malice. I'm
>>> vaguely aware that one can write a regex to consume lots of CPU
>>> (denial-of-service attack), but also lots of stack and/or memory.
>>
>> Boost.Regex has two protections against that:
>>
>> * When BOOST_REGEX_NON_RECURSIVE is defined (the default for all
>> current compilers) then memory usage is strictly limited. This can be
>> configured in boost/regex/user.hpp since the maximum amount of memory
>> used is BOOST_REGEX_MAX_BLOCKS*BOOST_REGEX_BLOCKSIZE, which defaults
>> to 4Mb in total.
>> * The total number of machine states visited (and hence CPU time
>> consumed) is controlled by perl_matcher::estimate_max_state_count, the
>> macro BOOST_REGEX_MAX_STATE_COUNT sets an upper limit on the number of
>> states visited.
>
> Thanks, John and Eric.
>
> So if one deliberately sets the values BOOST_REGEX_MAX_BLOCKS,
> BOOST_REGEX_BLOCKSIZE, and BOOST_REGEX_MAX_STATE_COUNT, and catches the
> exceptions thrown, it ought to be ok?
Yep, but note that those macros have sensible defaults already.
> And, by the way, the exceptions thrown would be std::bad_alloc,
> std::runtime_error, or boost::regex_error (from the regex FAQ). Does
> that cover them? (I know a catch (...) wouldn't hurt...)
I believe so yes, ultimately anything that's ever thrown will inherit from
std::exception anyway.
John.
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net