CAPEC-492: Regular Expression Exponential Blowup
Abstraction: Standard
Status: Draft
CAPEC Version: 3.9
Last Updated: 2023-01-24
Description
An adversary attacks a program that uses a poorly written regular expression (regex) by supplying input that drives the regex engine into its worst case. A typical worst case runs in time exponential in the length of the input. The cause is that most regex implementations are backtracking engines: they simulate the Nondeterministic Finite Automaton (NFA) built from the pattern by trying one alternative at a time and backtracking on failure. Backtracking is what makes richer features such as backreferences possible, but it also means that a pattern with nested or overlapping quantifiers (for example `(a+)+` or `(a|aa)+`) can revisit the same input positions in exponentially many ways when the input almost, but not quite, matches.
Prerequisites
- The adversary must be able to identify hosts running a poorly implemented regex and must be able to send the crafted input that exploits it.
Mitigations
Fuzz custom-written regexes with inputs of increasing length and flag any whose matching time grows faster than linearly. Put a timeout on the process that evaluates the regex; for engines that cannot be interrupted mid-match, that means running the match in a separate process that can be killed. If an evil regex is found, rewrite it as a good one: no quantified sub-expression should be able to match the same text in more than one way. Where the engine can be chosen, one that guarantees linear-time matching removes the problem class entirely.
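An added example of the fuzz-plus-timeout mitigation, written for CPython's `re` module (not code from CAPEC). Because `re` does not return to the interpreter until the match finishes, neither a thread nor a signal handler can interrupt a runaway match, so the check runs each match in a child process and kills it on timeout. The seed character, the length ramp, the one-second timeout and the `find_blowup` / `is_evil` names are our own assumptions.

```python
"""Timeout-guarded ReDoS check for CPython's re (added example, not CAPEC code).

A catastrophic match in re cannot be stopped from inside the same process,
so the match runs in a child that the parent can kill. The fuzzer then ramps
the input length and reports the first length at which the pattern blows up.
"""
import multiprocessing as mp
import re


def _search_in_child(pattern, text, conn):
    """Child-process body: run the match and report the boolean result."""
    conn.send(re.search(pattern, text) is not None)
    conn.close()


def search_with_timeout(pattern, text, timeout):
    """Return (matched, timed_out); matched is None when the match was killed."""
    parent_end, child_end = mp.Pipe(duplex=False)
    proc = mp.Process(target=_search_in_child, args=(pattern, text, child_end))
    proc.start()
    child_end.close()
    proc.join(timeout)
    if proc.is_alive():
        proc.kill()          # SIGKILL: the engine is not going to yield by itself
        proc.join()
        parent_end.close()
        return None, True
    matched = parent_end.recv() if parent_end.poll() else None
    parent_end.close()
    return matched, False


def crafted_inputs(seed, n):
    """Constructed inputs an attacker would try: a long run that satisfies the
    quantified part followed by a character that makes the overall match fail
    only at the very end, plus the cleanly matching run for comparison."""
    return [seed * n + '!', seed * n]


def find_blowup(pattern, seed='a', lengths=(8, 16, 24, 32), timeout=1.0):
    """Fuzz the pattern with inputs of increasing length; return the first
    (length, text) that exceeds the timeout, or None if every input finishes."""
    for n in lengths:
        for text in crafted_inputs(seed, n):
            _, timed_out = search_with_timeout(pattern, text, timeout)
            if timed_out:
                return n, text
    return None


def is_evil(pattern, **kw):
    """True if some crafted input of modest length makes the pattern time out."""
    return find_blowup(pattern, **kw) is not None


if __name__ == '__main__':
    for pat in (r'^(a+)+$', r'^a+$', r'^(a|aa)+$'):
        hit = find_blowup(pat, lengths=(8, 16, 24, 32, 40, 48))
        print(f'{pat:12s} -> ' + (f'EVIL (timed out at n={hit[0]})' if hit else 'ok'))
```

The same harness drops into a CI job: run it over every regex that consumes untrusted input, and treat any `find_blowup` hit as a build failure. In production the child-process trick is the timeout the mitigation asks for when the engine itself offers none.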
Taxonomy Mappings
| Taxonomy Name | Entry ID | Entry Name |
|---|---|---|
| OWASP Attacks | - | Regular expression Denial of Service - ReDoS |