Possible bug in RE handling - confirmation requested 
Author Message
 Possible bug in RE handling - confirmation requested

In my procmail+perl email sanitizing filters the following regular
expression occurs:

 s/<BODY\s+(([^">]+("(\\.|[^"])*")?)*)ONLOAD/<BODY $1 DEFANGED-ONLOAD/gi;

I have had a report that it fails to exit on SunOS 4.1.3 + Perl 5.004,
causing high CPU loads. I have tested it on Linux 2.0.33 + Perl 5.004_01,
SunOS 4.1.4 + Perl 5.004_04 and Alpha OSF/1 V3.0 + Perl 5.004_04

Can anyone confirm this for me?

Test it by running the following text through "perl -p -e 'above-RE'":

        <body>
        <body junk>
        <body onload="">
        <body junk onload="">
        <body junk=">" onload="">
        <body junk="\">" onload="">

Perl should *not* hang.

Thanks!

--

 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  Your mouse has moved. Windows NT must be restarted for the change
  to take effect. Reboot now?  [ OK ]
-----------------------------------------------------------------------
   78 days until Daylight Savings Time ends



Wed, 24 Jan 2001 03:00:00 GMT  
 Possible bug in RE handling - confirmation requested
 [courtesy cc of this posting sent to cited author via email]

:causing high CPU loads. I have tested it on Linux 2.0.33 + Perl 5.004_01,
:SunOS 4.1.4 + Perl 5.004_04 and Alpha OSF/1 V3.0 + Perl 5.004_04
:
:Can anyone confirm this for me?

I can confirm that Linux 2.0.33  and either Perl 5.004_04 or 5.005_02,
that it works fine and does not hang.

--tom
--
    Let's say the docs present a simplified view of reality...    :-)



Wed, 24 Jan 2001 03:00:00 GMT  
 Possible bug in RE handling - confirmation requested


Quote:

>:causing high CPU loads. I have tested it on Linux 2.0.33 + Perl 5.004_01,
>:SunOS 4.1.4 + Perl 5.004_04 and Alpha OSF/1 V3.0 + Perl 5.004_04
>:
>:Can anyone confirm this for me?

> I can confirm that Linux 2.0.33  and either Perl 5.004_04 or 5.005_02,
> that it works fine and does not hang.

> --tom

Thanks.

Can anybody running SunOS 4.1.3 + Perl 5.004_04 try this? That's the only
platform I've had a failure report on so far.

--

 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  Your mouse has moved. Windows NT must be restarted for the change
  to take effect. Reboot now?  [ OK ]
-----------------------------------------------------------------------
   78 days until Daylight Savings Time ends



Wed, 24 Jan 2001 03:00:00 GMT  
 Possible bug in RE handling - confirmation requested

Quote:



>>:causing high CPU loads. I have tested it on Linux 2.0.33 + Perl 5.004_01,
>>:SunOS 4.1.4 + Perl 5.004_04 and Alpha OSF/1 V3.0 + Perl 5.004_04
>>:
>>:Can anyone confirm this for me?

>> I can confirm that Linux 2.0.33  and either Perl 5.004_04 or 5.005_02,
>> that it works fine and does not hang.

>> --tom

>Thanks.

>Can anybody running SunOS 4.1.3 + Perl 5.004_04 try this? That's the only
>platform I've had a failure report on so far.

SunOS 4.1.3_U1 and Perl 5.004_04 does *not* hang. I get this
output:

<body>
<body junk>
<BODY  DEFANGED-ONLOAD="">
<BODY junk  DEFANGED-ONLOAD="">
<BODY junk=">"  DEFANGED-ONLOAD="">
<BODY junk="\">"  DEFANGED-ONLOAD="">  

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Asst. Prof. of Clinical Decision Making | University of Illinois at Chicago
Adj. Asst. Prof. of Psychology          | Department of Medical Education
   "Life is what happens to you while you're busy making other plans"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



Wed, 24 Jan 2001 03:00:00 GMT  
 Possible bug in RE handling - confirmation requested


Quote:
> In my procmail+perl email sanitizing filters the following regular
> expression occurs:

>  s/<BODY\s+(([^">]+("(\\.|[^"])*")?)*)ONLOAD/<BODY $1 DEFANGED-ONLOAD/gi;

> I have had a report that it fails to exit on SunOS 4.1.3 + Perl 5.004,
> causing high CPU loads. I have tested it on Linux 2.0.33 + Perl 5.004_01,
> SunOS 4.1.4 + Perl 5.004_04 and Alpha OSF/1 V3.0 + Perl 5.004_04

> Can anyone confirm this for me?

> Test it by running the following text through "perl -p -e 'above-RE'":

>    <body>
>    <body junk>
>    <body onload="">
>    <body junk onload="">
>    <body junk=">" onload="">
>    <body junk="\">" onload="">

> Perl should *not* hang.

Thirty whacks with the stupid stick for me. The test data I was using
(of which the above is a sample) didn't tickle the RE parser into
backtracking.

I have changed the RE to a form that does not backtrack, and it now exits
quickly.

Thanks to everyone who responded, and sorry for wasting your time.

--

 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  Your mouse has moved. Windows NT must be restarted for the change
  to take effect. Reboot now?  [ OK ]
-----------------------------------------------------------------------
   76 days until Daylight Savings Time ends



Fri, 26 Jan 2001 03:00:00 GMT  
 
 [ 6 post ] 

 Relevant Pages 

1. Possible bug pl 18/19 bug in file I/O SunOS 4.1.1 SPARC

2. possible bug: what=bug in h2ph platform=solaris2.4 perlversion=5.000

3. Possible solution for too long list problem requested.

4. Schedule+ meeting request possible with Net::SMTP?

5. Are local file handles possible in perl5

6. Possible to pass file(handle|descriptor) across socket?

7. Request for Comments: Exception Handling

8. REQUEST: for indent which handles perl code

9. Apache::Sandwich (or analog) handling POST requests

10. A brief request (string handling)

11. CGI Scripts With MacPerl: How to Handle Multiple Requests for the Same Script

12. Request for simple text file handling program

 

 
Powered by phpBB® Forum Software