慢正则表达式解释 [英] Slow Regular Expression Explanation
问题描述
有人可以提供下面正则表达式的详细解释吗?
我正在检查.NET Framework 4.5中引入的一些功能和一个提到的好处是 Regex Timeout 。
在示例中使用以下正则表达式:
^(\d +)+ $
在以下文字:
123453109839109283090492309480329489812093809x
并且需要很长时间才能得出结果。
根据我的理解,要求正则表达式从开始到结束匹配一个或多个数字的存在 - 一次或多次。这是最后一个+标志让我感到困惑。
问题:
1.最后 + 标志的目的是什么?
2.为什么正则表达式会立即返回 $ 标志丢失了吗?
3.您能否提供逐步表达Regex如何开始执行的事情?
谢谢:)
关于以下文字:
123453109839109283090492309480329489812093809x并且需要很长时间才能得出结果。
根据我的理解,要求Regex匹配来自从一端开始到一个或多个数字的存在 - 一次或多次。这是最后一个+标志让我感到困惑。
问题:
1.最后 + 标志的目的是什么?
2.为什么正则表达式会立即返回
标志丢失了吗?
3.你能提供一步一步的东西吗?表达正则表达式将如何开始执行?
谢谢:)
你只有一个'邪恶'表达式.. 。
https://www.owasp.org /index.php/Regular_expression_Denial_of_Service_-_ReDoS [ ^ ]
它将正则表达式引擎(不仅仅是.NET,还有其他人)发送到一个看起来无法找到的无限循环中。
Can someone please provide a thorough explanation of what's going on with the Regex below?
I was checking some of the features introduced in .NET Framework 4.5 and one of the mentioned benefits was Regex Timeout.
In the example the following Regex is used:
^(\d+)+$
on the following text:
123453109839109283090492309480329489812093809x
and it takes ages to come up with a result.
From what I understand the Regex is asked to match from the start to the end the existence of one or more digits - one or more times. And it is this last + sign that is confusing me.
Questions:
1. What is the purpose of the last + sign?
2. Why does the Regex return instantly if the $ sign is missing?
3. Can you provide a 'step-by-step' sort of thing expressing how the Regex will begin execution?
Thanks :)
on the following text:
123453109839109283090492309480329489812093809xand it takes ages to come up with a result.
From what I understand the Regex is asked to match from the start to the end the existence of one or more digits - one or more times. And it is this last + sign that is confusing me.
Questions:
1. What is the purpose of the last + sign?
2. Why does the Regex return instantly if the
sign is missing?
3. Can you provide a 'step-by-step' sort of thing expressing how the Regex will begin execution?
Thanks :)
You just have one of those 'evil' expressions...
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS[^]
It sends the regex engine (not just the .NET but others too) into an infinite loop of looking something that can't be found...
这篇关于慢正则表达式解释的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!