In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-17 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/02 Report--
This article mainly introduces the example analysis of functional vulnerabilities caused by the misuse of regex in regular expressions, which is very detailed and has a certain reference value. Interested friends must read it!
Regular expression its powerful string matching function, resulting in a variety of program languages, are very popular! It is used to describe or match a series of strings that conform to a syntactic rule. Many people just use regular expressions from hearing about it, and then search the Internet when they want to use it. Few people learn regular expressions systematically from the beginning, using the system to learn from definition principles. Because, corresponding beginners think it is too troublesome, a lot of original characters. I have a headache when I see such a long string of characters. Therefore, I don't bother to study. Generally encounter problems, go directly to the Internet to search. Such as: "mailbox regular expression, cell phone number regular expression, url regular expression …", we found a very interesting phenomenon, "how can mailbox regular expression be various, url regular expression is also different", all are recommended, all say they are correct, which is correct in the end?
From different regular expressions, we can draw two conclusions. First, regular expressions are very flexible, and multiple methods can achieve the same result (all roads lead to Rome). Second, regular expression matching results need to be verified, and complex regular expressions are easy to produce mismatches. Today, instead of talking about regular expression flexibility, let's take a look at common examples of regular expression misuse, resulting in functional vulnerabilities. Hopefully, we will pay more attention to it when using it. The following examples, come from self-work audit code, there are often examples, friends are also welcome to add!
The delimiter'^ $'is missing bug
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
