Overly Restrictive Regular ExpressionID: 186 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: DRAFT |
Abstraction Type: Base |
Description
A regular expression is overly restrictive, which prevents
dangerous values from being detected.
Applicable PlatformsLanguage Class: All
Time Of Introduction
Common Consequences
Scope | Technical Impact | Notes |
---|
Access_Control | Bypass protection
mechanism | |
Detection MethodsNone
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Implementation | | Regular expressions can become error prone when defining a complex
language even for those experienced in writing grammars. Determine if
several smaller regular expressions simplify one large regular
expression. Also, subject your regular expression to thorough testing
techniques such as equivalence partitioning, boundary value analysis,
and robustness. After testing and a reasonable confidence level is
achieved, a regular expression may not be foolproof. If an exploit is
allowed to slip through, then record the exploit and refactor your
regular expression. | | |
RelationshipsCan overlap whitelist/blacklist errors.
Related CWE | Type | View | Chain |
---|
CWE-186 ChildOf CWE-896 | Category | CWE-888 | |
Demonstrative ExamplesNone
Observed Examples
- CVE-2005-1604 : MIE. ".php.ns" bypasses ".php$" regexp but is still parsed as PHP by Apache. (manipulates an equivalence property under Apache)
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
Taxynomy | Id | Name | Fit |
---|
PLOVER | | Overly Restrictive Regular Expression | |
References:None