Vulnerability

Regular expressions should not allow Denial of Service attacks

Description

    This PowerBuilder code rule states that regular expressions should not be used in a way that could result in a Denial of Service (DoS) attack. A DoS attack attempts to make a system or network resource unavailable to its intended users. Regular expressions match patterns in strings, but a pattern with nested or overlapping quantifiers can force the regex engine into catastrophic backtracking, so a crafted input, or a crafted pattern when the pattern itself comes from the caller, can tie up the CPU and starve other requests. To prevent DoS attacks, regular expressions should be used with caution and be thoroughly tested before being deployed in a production environment.

Key Benefits

  • Denial of Service Protection: Regular expressions should not allow Denial of Service attacks, which can be used to make a system or network resource unavailable.
  • Increased Security: Regular expressions can help to ensure that only valid input is accepted, which can help to prevent malicious attacks.
  • Improved Performance: Regular expressions can help to reduce the amount of processing time needed to validate input, which can improve system performance.


Non-compliant Code Example

global function string matchRegexTest2 (string regPattern)
string findtext
findtext = "Hello test"
// regPattern is supplied by the caller and handed to Match() unchecked:
// a pattern that back-tracks catastrophically can stall this call for a long time
Match(findtext, regPattern)
Return regPattern
end function

Compliant Code Example

global function string matchRegexTest1 (string regPattern)
// the pattern is a fixed, reviewed literal; the caller cannot influence it
Match("hi test123", "^[A-Za-z]")
Return regPattern
end function
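The static check behind a rule like this one can be approximated by flagging any group that is quantified with `*`, `+` or `{n,}` while itself containing such a quantifier, the nesting that produces catastrophic backtracking. The following Python is an added example, not Visual Expert's or PowerBuilder code; it assumes a PCRE-like pattern syntax, and `nested_quantifier_risk` and `vetted_match` are hypothetical names. A PowerBuilder port would apply the same check to a pattern before passing it to Match().

```python
import re

UNBOUNDED = "*+"                       # '?' and {n,m} with finite m are bounded
_OPEN_BRACE = re.compile(r"\{\d+,\}")  # {n,} is unbounded too

def _unbounded_at(p: str, i: int) -> bool:
    """True if an unbounded quantifier ('*', '+' or '{n,}') starts at p[i]."""
    return i < len(p) and (p[i] in UNBOUNDED or _OPEN_BRACE.match(p, i) is not None)

def nested_quantifier_risk(pattern: str) -> list[str]:
    """Return every group followed by an unbounded quantifier that itself
    contains one, e.g. '(a+)' in '^(a+)+$'.  Character-class parsing is
    approximate and overlapping alternations such as (a|aa)+ are not detected."""
    findings, stack = [], []           # stack: [group_start, has_inner_unbounded]
    i, n = 0, len(pattern)
    while i < n:
        c = pattern[i]
        if c == "\\":                  # escaped character: never a quantifier
            i += 2
            continue
        if c == "[":                   # skip a character class; a ']' right
            j = pattern.find("]", i + 2)   # after '[' is a literal
            i = (n if j == -1 else j) + 1
            continue
        if c == "(":
            stack.append([i, False])
        elif c == ")" and stack:
            start, inner = stack.pop()
            if inner and _unbounded_at(pattern, i + 1):
                findings.append(pattern[start:i + 1])
            if inner and stack:        # the inner loop also counts for the parent
                stack[-1][1] = True
        elif _unbounded_at(pattern, i) and stack:
            stack[-1][1] = True
        i += 1
    return findings

def vetted_match(text: str, pattern: str) -> bool:
    """Run a pattern only after it passes the static check; refuse the rest,
    mirroring the rule: never hand an unreviewed pattern to the regex engine."""
    risky = nested_quantifier_risk(pattern)
    if risky:
        raise ValueError(f"rejected pattern with nested quantifier: {risky}")
    return re.search(pattern, text) is not None

if __name__ == "__main__":
    for p in (r"^[A-Za-z]", r"^(a+)+$", r"^(\w+\s?)*$", r"(\d+)?"):
        print(f"{p!r:16} -> {nested_quantifier_risk(p)}")
```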

Visual Expert 2023
VEPBRULE17