This repository has been archived by the owner on Jan 28, 2023. It is now read-only.
Process runaway on some user agentsq #113
Labels
Comments
|
Could you provide your test cases via a Pull Request? |
|
@mallat since the regex comes from the database, this might be worth investigating in case the current version of the database still uses the same regex for CFNetwork. |
|
@mallat and @HaraldWalker that would be great if we fix this regular expression in case it still exists. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When performing a security analysis on some of our servers, we noticed some performance issues related to the useragent detection logic. The code seemed to hang in the regex matching loop, on the find call on line 167 of AbstractUserAgentStringParser (version 201410).
Looking deeper the troublesome useragent is
and some of the matching regex's are
.*\/.*CFNetwork\/(602|609|609\.1\.4) Darwin\/.*\/.*CFNetwork\/(672\.0\.2|672\.0\.8|672\.1\.12|672\.1\.13|672\.1\.14|672\.1\.15) Darwin\/.*\/.*CFNetwork\/(485\.2|485\.10\.2|485\.12\.7|485\.12\.30|485\.13\.9) Darwin\/There are more issues, but running the detector against the current code / database locks up the CPU and thread until completed. I'm running it locally now in a test case and it still hasn't completed in 20 minutes.
The text was updated successfully, but these errors were encountered: