Hyperscan is generally vulnerable to regular expression denial of service (ReDoS)

Functions for Searching in Strings | ClickHouse Docs https://clickhouse.com/docs/en/sql-reference/functions/string-search-functions

Hyperscan is generally vulnerable to regular expression denial of service (ReDoS) attacks (e.g. see (here)[https://www.usenix.org/conference/usenixsecurity22/presentation/turonova], (here)[https://doi.org/10.1007/s10664-021-10033-1] and (here)[https://doi.org/10.1145/3236024.3236027]. Users are adviced to check the provided patterns carefully.

 

 

 

posted @ 2024-05-17 18:04  papering  阅读(12)  评论(0编辑  收藏  举报