Created
July 15, 2014 17:44
-
-
Save kindkid/474815c0de77ff4fd819 to your computer and use it in GitHub Desktop.
Guarding against a user-supplied catastrophic regular expression
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import re | |
import os | |
import sys | |
import time | |
import signal | |
from contextlib import contextmanager | |
@contextmanager | |
def timeout(seconds, exceptionClass): | |
old_alarm = signal.alarm(seconds) | |
if old_alarm < seconds: | |
signal.alarm(old_alarm) | |
yield | |
return | |
def timeout_handler(signum, frame): raise exceptionClass() | |
old_handler = signal.signal(signal.SIGALRM, timeout_handler) | |
start = time.time() | |
try: | |
yield | |
finally: | |
signal.alarm(0) | |
signal.signal(signal.SIGALRM, old_handler) | |
if old_alarm > 0: | |
spent = time.time() - start | |
old_alarm -= spent | |
if old_alarm < 0: | |
os.kill(os.getpid(), signal.SIGALRM) | |
else: | |
old_alarm = int(round(old_alarm)) | |
if old_alarm == 0: old_alarm = 1 | |
signal.alarm(old_alarm) | |
class TimeoutException(Exception): pass | |
n = 28 | |
r = re.compile("a?"*n + "a"*n) | |
start = time.time() | |
signal.alarm(5) | |
try: | |
for i in range(0,3): | |
with timeout(2, TimeoutException): | |
try: | |
r.match("a"*n) | |
except TimeoutException: | |
print "timed out!" | |
finally: | |
print time.time() - start | |
time.sleep(5) | |
finally: | |
print time.time() - start |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment