1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 14:30:56 +01:00

Prevent "commit message magic words" parser from exploding on "reverts aaaa.....aaz"

Summary:
Fixes T9268. Currently, we try to match any string like "a2f313f1" as a commit/revision, so short hashes will get picked up.

However, we don't require a word boundary or terminal after the match, so for input like "aaa...aaaaz" the engine can get stuck trying to split the string into sub-matches.

That is, in the original case, the input "aaaz" had valid matches against `[rA-Z0-9a-f]+` up to "z" of:

  aaa
  aa a
  a aa
  a a a

All of these will fail once it hits "z", but it has to try them all. This complexity is explosive with longer strings.

Instead, require a word boundary or EOL after the match, so this is the only valid match:

  aaa

Then the engine sees the "z", says "nope, no match" and doesn't have to backtrack across all possible combinations.

Test Plan: Added a failing unit test, applied patch, clean test.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9268

Differential Revision: https://secure.phabricator.com/D13997
This commit is contained in:
epriestley 2015-08-26 09:35:23 -07:00
parent 779a612e41
commit 10966519e2
2 changed files with 5 additions and 2 deletions

View file

@ -76,6 +76,9 @@ final class DifferentialCustomFieldRevertsParserTestCase
),
),
// This tests a degenerate regex behavior, see T9268.
'Reverts aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz' => array(),
"This doesn't revert anything" => array(),
'nonrevert of r11' => array(),
'fixed a bug' => array(),

View file

@ -24,8 +24,8 @@ abstract class PhabricatorCustomFieldMonogramParser
'(?:^|\b)'.
$prefix_regex.
$infix_regex.
'((?:'.$monogram_pattern.'[,\s]*)+)'.
'(?:\band\s+('.$monogram_pattern.'))?'.
'((?:'.$monogram_pattern.'(?:\b|$)[,\s]*)+)'.
'(?:\band\s+('.$monogram_pattern.'(?:\b|$)))?'.
$suffix_regex.
'(?:$|\b)'.
'/';