[7640] in bugtraq
Re: Eudora executes (Java) URL
daemon@ATHENA.MIT.EDU (High Tide)
Wed Aug 12 18:33:42 1998
Date: Wed, 12 Aug 1998 10:29:08 -0500
Reply-To: High Tide <hightide@GINCH.ORG>
From: High Tide <hightide@GINCH.ORG>
X-To: Alec Kosky <alec@dakotacom.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <XFMail.980811153412.alec@dakotacom.net>
> Actually, I believe the RE that you are looking for is this:
> s/<\s*BODY\s+((([^">]+("(\\.|[^"])*")?)*)ONLOAD)*?\s*/<BODY $1
> DEFANGED-ONLOAD/gi;
Actually, I believe this discussion should be taken off bugtraq unless
someone knows how to fix the backtracking problem that I don't think even
made it to the list.
The problem is with the second (in the above expression) +, and the third
*. What happens is as the regex is processing <BODY 123> it ends up
trying to find a match with the following values for the [^">]+ :
123
12 3
1 23
1 2 3
I don't know if that makes any sense to you, but it's an exponential load
result, 2^(n-1) where n = len($x). Try this regex on
<BODY $x>
for large values of len($x).
Sean Bastille
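
The splits listed in the message above, enumerated in code, with the nested quantifier from the quoted substitution beside a rewrite that leaves only one way to consume the attribute text. This is an added example in Python (whose `re` module is also a backtracking engine), not part of the original post; `NESTED` keeps only the matching side of the quoted regex, and `FLAT`, `splits`, `fail_time` and the sample tags are constructed here as assumptions.

```python
import re
import time

# Nested form, as in the quoted substitution: a + inside a *, then a required ONLOAD.
NESTED = re.compile(r'<\s*BODY\s+(?:[^">]+(?:"(?:\\.|[^"])*")?)*ONLOAD', re.I)
# Constructed rewrite: each loop pass takes exactly one character or one whole
# quoted string, so a given attribute text can be consumed in only one way.
FLAT = re.compile(r'<\s*BODY\s+(?:[^">]|"(?:\\.|[^"\\])*")*ONLOAD', re.I)


def splits(s):
    """Yield each way ([^">]+)* can cut s into non-empty chunks, in the order
    a greedy backtracking engine tries them (longest first chunk first)."""
    if not s:
        yield ""
        return
    for i in range(len(s), 0, -1):
        for rest in splits(s[i:]):
            yield s[:i] + (" " + rest if rest else "")


def fail_time(pattern, n):
    """Match result and seconds spent on <BODY 111...1>, which has no ONLOAD."""
    subject = "<BODY " + "1" * n + ">"
    start = time.perf_counter()
    matched = pattern.match(subject)
    return matched, time.perf_counter() - start


if __name__ == "__main__":
    print(list(splits("123")))
    for n in (12, 15, 18, 20):
        _, slow = fail_time(NESTED, n)
        _, fast = fail_time(FLAT, n)
        print(f"n={n:2d} splits={2 ** (n - 1):7d} nested={slow:.4f}s flat={fast:.6f}s")
```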