safe-regex
detect potentially
catastrophic
exponential-time
regular expressions by limiting the
star height to 1
WARNING: This module merely seems to work given all the catastrophic regular
expressions I could find scouring the internet, but I don't have enough of a
background in automata to be absolutely sure that this module will catch all
exponential-time cases.
example
var safe = require('safe-regex');
var regex = process.argv.slice(2).join(' ');
console.log(safe(regex));
$ node safe.js '(x+x+)+y'
false
$ node safe.js '(beep|boop)*'
true
$ node safe.js '(a+){10}'
false
$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
true
methods
var safe = require('safe-regex')
var ok = safe(re)
Return a boolean ok
whether or not the regex re
is safe and not possibly
catastrophic.
re
can be a RegExp
object or just a string.
install
With npm do:
npm install safe-regex
license
MIT