Uploaded image for project: 'Chukwa'
  1. Chukwa
  2. CHUKWA-642

Unvalidated Regular Expression Usage

    Details

      Description

      There are seven additional places in Chukwa where regular expressions are used without first being validated as syntactically valid regular expressions. These could lead to unhelpful PatternSyntaxException strack traces instead of useful error messages. Unfortunately, I was not able to produce test conditions to highlight any of these issues.

      The attached patch fixes the issues. Note that the patch adds a small RegexUtil class with helper methods to determine whether a String is a valid regular expression and to generate error messages for invalid regular expressions. I feel that these helper methods are more readable than catching the PatternSyntaxException. Furthermore, they allow simpler re-use if needed elsewhere.

      I discovered these bugs using a tool named the Regex Checker (http://types.cs.washington.edu/checker-framework/current/checkers-manual.html#regex-checker). If you periodically run it on your codebase, then you will learn of other errors like this as soon as they appear. If you are interested, I can share my annotations for Chukwa, which will enable you to run the Regex Checker yourself without any additional effort.

        Attachments

        1. CHUKWA-642.patch
          12 kB
          Eric Spishak
        2. CHUKWA-642-1.patch
          12 kB
          Eric Spishak
        3. CHUKWA-642-2.patch
          28 kB
          Eric Spishak

          Activity

            People

            • Assignee:
              espishak Eric Spishak
              Reporter:
              espishak Eric Spishak
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: