Possible Duplicate:
Sanitization of User-Supplied Regular Expressions in PHP
Let's say you want to let users search for something and your search function has the ability to accept regular expressions.
Is it OK to let site users to search by regexes that they post? From a user's point of view, I'd love a site which would let me do that :D
Is there any security risk involved? How can I sanitize a regex?
分享 The main risk is that the regular expression is very complex and will run for ages or reach the recursion limit of the engine. See this article. Other risks may occur if you let your users user regex replacement in the wrong places, because that introduces the risk of code injection. But matching itself cannot really do any other harm than DoSing your server.
There has been a question recently on how to recognize these dangerous regexes and the consensus was that it is not generally possible. See the question.
You are probably best off by restricting the time your regex search can take and abort it if it takes too long.
分享
