12 May 2017

Catastrophic Regexp (again)

Hitting a stuck thread:
"main" prio=5 tid=0x00007fd577005800 nid=0x1c03 runnable [0x00007000035db000]
   java.lang.Thread.State: RUNNABLE
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$CharProperty.match(Pattern.java:3694)
    at java.util.regex.Pattern$Curly.match0(Pattern.java:4158)
    at java.util.regex.Pattern$Curly.match(Pattern.java:4132)
    at java.util.regex.Pattern$Start.match(Pattern.java:3408)
    at java.util.regex.Matcher.search(Matcher.java:1199)
    at java.util.regex.Matcher.find(Matcher.java:592)
    at java.util.regex.Pattern.split(Pattern.java:1200)
    at java.lang.String.split(String.java:2313)
    at RegExpTest.main(RegExpTest.java:28)

Once again it's a "stuck" thread for the catastrophic issue in regexp:
https://github.com/devwebcl/regexp-playground/blob/master/src/main/java/cl/devweb/regexp/exploit/JxlsBug.java


Posted by at
Labels: , ,

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )

Blog Archive

Disclaimer

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.