in reply to Re: Untaint a string match, regular expression.
in thread Untaint a string match, regular expression.

Thank you for this, RE2 looks like a great option. Make sure to add (-strict => 1) to your use statement or re::engine::RE2 will fall back to Perl's re.

Re^3: Untaint a string match, regular expression.
by cheako (Beadle) on May 19, 2015 at 02:59 UTC

    The following is a quote from junyer, owner of the project on GitHub.

    RE2 was designed and implemented with an explicit goal of being able to handle regular expressions from untrusted users without risk. One of its primary guarantees is that the match time is linear in the length of the input string. It was also written with production concerns in mind: the parser, the compiler and the execution engines limit their memory usage by working within a configurable budget – failing gracefully when exhausted – and they avoid stack overflow by eschewing recursion.
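
As an added example (not part of the original posts, and not code from the re::engine::RE2 project), here is the strict-mode advice from this thread applied to a pattern supplied by an untrusted user. The helper name `compile_untrusted` and the sample patterns are constructed for illustration, and the sketch assumes a strict-mode rejection is raised as an exception that `eval` can catch.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: compile an untrusted pattern with RE2 only.
# Returns a compiled regex, or undef if RE2 refuses the pattern.
sub compile_untrusted {
    my ($pattern) = @_;

    # Lexically scoped: only regexes compiled inside this sub use RE2.
    # -strict => 1 stops the module from quietly handing patterns that
    # RE2 cannot handle (backreferences, lookaround) to Perl's own
    # backtracking engine, which would lose the linear-time guarantee.
    use re::engine::RE2 -strict => 1;

    # Assumption: under -strict an unsupported pattern dies at compile
    # time, so the failure is trapped here instead of aborting the caller.
    my $re = eval { qr/$pattern/ };
    return $re;
}

# Constructed sample patterns, standing in for user input.
my @patterns = (
    '^[a-z]+[0-9]{2}$',    # plain pattern
    '(a+)+$',              # nested quantifier, exponential when backtracking
    '(\w+)\s+\1',          # backreference, outside RE2's feature set
);

# Constructed subject string: a long run of "a" ending in "!".
my $subject = ('a' x 40) . '!';

for my $pattern (@patterns) {
    my $re = compile_untrusted($pattern);
    if (!defined $re) {
        print "rejected: $pattern\n";
        next;
    }
    my $matched = $subject =~ $re ? 'match' : 'no match';
    print "accepted: $pattern ($matched)\n";
}
```

Without `-strict => 1`, the third pattern would be compiled by Perl's engine instead of being refused, so the caller could not tell which engine was about to run the untrusted pattern.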