Page MenuHomePhorge

Rewrite regex for project names to be not prone to catastrophic backtracking
ClosedPublic

Authored by pppery on Nov 23 2024, 21:08.

Details

Summary

Fixes T15371

Test Plan
  • Save the text {{#translation:}} in remarkup and see that it renders.
  • Create a project or projects with the hashtags a, b, ab, foo, f.o.o.
  • Observe that both before and after this patch you can link to all of them by hashtag.
  • Create a project or projects with the hashtags a., .b, .foo, foo..
  • Observe that both before and after this patch you can link to none of them by hashtag.

Diff Detail

Repository
rP Phorge
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

pppery requested review of this revision.Nov 23 2024, 21:08

https://devina.io/redos-checker says the new regex is still prone to polynomial backtracking, but that can happen only on extremely contrived input, whereas the old one was exponential on a common case.

(I still need to understand the old intentions on the old regex, and the new one, but it seems much magically readable, thanks)

src/applications/project/remarkup/ProjectRemarkupRule.php
49

(pls restore this super-supa-important newline at line 49 lol)

aklapper subscribed.

Big thanks for digging deep into that regex (on which I gave up).

The proposed code change seems correct to me:

  • Given an existing project tag #whatever, I entered various strings like {{{#whatever:}}}, {{{#whatever_}}}, {{#whatever:}}, {{#whatever}}, {{#whatever_}}, {#whatever}, {#whatever:}, {#whatever } and always got something reasonable™ rendered in the task comment preview without any errors or exceptions in the error log.
  • Entering the existing project tag #projectwithcolon: (note the colon at the end) renders an additional (second) colon as suffix but this also already happens in current git master without this very patch applied thus not a regression.

Please feel free to arc land after a git rebase master (as this patch seems to be against master branch and not in a dedicated branch).

This revision is now accepted and ready to land.Dec 3 2024, 22:42