[systemd-devel] Bump: Testing LogFilterPatterns= on user-level services

Nils Kattenbeck nilskemail at gmail.com
Fri Jan 26 12:01:33 UTC 2024


> Interpreting arbitrary regexes configured by unpriv code in priv code
> comes at some risk, because afair constructing them can come at O(2^n)
> time, i.e. a rogue regex could make us consume unbounded time on
> processing journal messages.
>
> Hence, I wouldn't hold your breath. Unless someone figures out a smart
> way to deal with this it's unlikely to be supported.

I am not sure about construction but checking for matches with
arbitrary regexes can definitely result in DoS.
Restricting the allowed features, however, alleviates this problem.
E.g. the Rust regex crate can check in O(m*n) with m = Regex Size and
n = Input size.
It does this by not allowing (amongst other things) look-arounds or backrefs.
I am not sure how configurable pcre2pattern is but maybe the supported
features could be restricted for regexes from users.

Nils
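
An added example (not part of the original message, and not systemd or PCRE2 code) of the feature restriction discussed above: a conservative syntactic gate that rejects look-arounds, backreferences and related constructs in a user-supplied pattern before it is compiled. The name `reject_reason`, the length limit and the accepted subset are assumptions of this example. Passing the gate does not by itself bound matching time in a backtracking engine, so it would sit in front of an automaton-based matcher or a match limit.

```python
import re

# Group openers this example accepts after "(?": non-capturing, inline
# i/m/s flags, named captures. The subset is an assumption of the example.
_ALLOWED_GROUP = re.compile(r"\(\?(?::|[ims-]+[:)]|P?<[A-Za-z_]\w*>)")
_POSIX_CLASS = re.compile(r"\[:\^?[a-z]+:\]")  # e.g. [:alpha:] inside [...]


def reject_reason(pattern, max_len=256):
    """Return None if `pattern` stays in the restricted subset, else why not."""
    if len(pattern) > max_len:
        return "pattern too long"
    i, n, in_class = 0, len(pattern), False
    while i < n:
        c = pattern[i]
        nxt = pattern[i + 1] if i + 1 < n else ""
        if c == "\\":
            # \Q..\E and \cX change how the following text is tokenised, so a
            # scanner this small cannot follow them safely: reject both.
            if nxt in ("Q", "c"):
                return f"unsupported escape \\{nxt} at offset {i}"
            # Outside a class, \1-\9, \k<name> and \g{...} refer back to a group.
            if not in_class and nxt and nxt in "123456789kg":
                return f"backreference or subroutine call at offset {i}"
            i += 2  # skip the escaped character
        elif in_class:
            posix = _POSIX_CLASS.match(pattern, i)
            in_class = bool(posix) or c != "]"
            i = posix.end() if posix else i + 1
        elif c == "[":
            in_class = True
            i += 1
            i += pattern.startswith("^", i)
            # A leading "]" is a literal (PCRE2 default, no ALLOW_EMPTY_CLASS).
            i += pattern.startswith("]", i)
        elif c == "(" and nxt == "*":
            return f"backtracking-control verb at offset {i}"
        elif c == "(" and nxt == "?" and not _ALLOWED_GROUP.match(pattern, i):
            return f"unsupported group at offset {i}"
        else:
            i += 1
    return None
```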

