CWE-186 过度严格的正则表达式
Overly Restrictive Regular Expression
结构: Simple
Abstraction: Base
状态: Draft
被利用可能性: unkown
基本描述
A regular expression is overly restrictive, which prevents dangerous values from being detected.
扩展描述
This weakness is not about regexp complexity. Rather It is about a regular expression that does not match all values that are intended. Consider the use of a regexp to whitelist acceptable values or to blacklist unwanted terms. An overly restrictive regexp misses some potentially security-relevant values leading to either false positives or false negatives, depending on how the regexp is being used within the code. Consider the expression /[0-8]/ where the intention was /[0-9]/. This expression is not “complex” but the value “9” is not matched when maybe the programmer planned to check for it.
相关缺陷
-
cwe_Nature: ChildOf cwe_CWE_ID: 185 cwe_View_ID: 1000 cwe_Ordinal: Primary
-
cwe_Nature: ChildOf cwe_CWE_ID: 185 cwe_View_ID: 699 cwe_Ordinal: Primary
-
cwe_Nature: CanAlsoBe cwe_CWE_ID: 184 cwe_View_ID: 1000
-
cwe_Nature: CanAlsoBe cwe_CWE_ID: 183 cwe_View_ID: 1000
适用平台
Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Access Control | Bypass Protection Mechanism |
可能的缓解方案
Implementation
策略:
Regular expressions can become error prone when defining a complex language even for those experienced in writing grammars. Determine if several smaller regular expressions simplify one large regular expression. Also, subject your regular expression to thorough testing techniques such as equivalence partitioning, boundary value analysis, and robustness. After testing and a reasonable confidence level is achieved, a regular expression may not be foolproof. If an exploit is allowed to slip through, then record the exploit and refactor your regular expression.
分析过的案例
| 标识 | 说明 | 链接 |
|---|---|---|
Notes
分类映射
| 映射的分类名 | ImNode ID | Fit | Mapped Node Name |
|---|---|---|---|
| PLOVER | Overly Restrictive Regular Expression |