Tutorial :Is RegEx from user input safe?



Question:

I'm working on an app that needs to accept a RegEx from the user, to do so I'm using the following code:

Regex user_searchPattern = new Regex(this.userInput_regEx.Text);  

Is doing this safe?
Is there a need to sanitize the user input, and if so how?


Solution:1

You might get an error if the regular expression has an invalid syntax or it might consume a exponential amount of time and space when processed if a so-called pathological regular expression is tested on some particular string.


Solution:2

User input is always evil. What do you mean with "safe". Can it contain errors that will make your code throw an exception or fail in some other way? Yes, it certainly can, so you should be prepared for that of course.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »