
Backport #5149

Specific combination of regexp and string causes 100% CPU and doesn't recover

Added by gregory.mostizky (Gregory Mostizky) about 9 years ago. Updated about 4 years ago.

Status: Rejected
Priority: Normal
[ruby-core:38725]

Description

A specific combination of regexp and string can cause a ruby process to hang with 100% CPU.

Reproducing (in irb):
/\A(?:%\h\h|[%]+)*\z/ =~ "199542328.1312293792.1.1.utmcsr%3Dgoogle%7Cutmccn%"
(above hangs indefinitely with 100% cpu)
/\A(?:%\h\h|[%]+)*\z/ =~ "199542328.1312293792.1.1.utmcsr%3Dgoogle%7Cutmccn"
(same but without % at the end returns successfully)

The code in question is found in Rack::Utils (v1.3.2, not used in v1.2.1) and can basically "kill" any server process (happened to us in production on a thin machine after we upgraded to newer rack). The above bug means that it is very easy to perform a DoS on an affected ruby server.
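The following is an added example, not code from the report, from Rack or from Ruby's uri library. It assumes that the check Rack 1.3.2 reached is the one in URI.decode_www_form_component of that time, whose pattern used the negated class `[^%]+` under the star (the report pastes it as `[%]+`); with `[^%]+` a run of ordinary characters can be split between the star's iterations in 2^(n-1) ways, which is what a trailing bare `%` forces the engine to enumerate. The single-pass replacement pattern is the form the later fix adopted; it is shown alongside a small timing profile so the doubling is visible on constructed input.

```ruby
# Added example; assumes the URI check used [^%]+ (see lead-in).
require 'benchmark'

# Ambiguous: the star can carve "abc" into 1, 2 or 3 iterations of [^%]+,
# so when \z fails at a trailing '%' every partition is retried.
PERCENT_AMBIGUOUS = /\A(?:%\h\h|[^%]+)*\z/

# Unambiguous: a single left-to-right scan for a '%' that is not
# followed by two hex digits. No nested quantifier, no backtracking blow-up.
PERCENT_BAD_ESCAPE = /%(?!\h\h)/

# Validator in the shape of the original check (only call on short input).
def valid_percent_encoding_slow?(str)
  !!(PERCENT_AMBIGUOUS =~ str)
end

# Linear-time validator with the same accept/reject behaviour.
def valid_percent_encoding?(str)
  (PERCENT_BAD_ESCAPE =~ str).nil?
end

# Constructed input in the shape of the report: n plain chars, then a bare '%'.
def pathological(n)
  ('a' * n) + '%'
end

# [n, seconds] for each length in range; expect the time to roughly double per n.
def backtracking_profile(range)
  range.map { |n| [n, Benchmark.realtime { valid_percent_encoding_slow?(pathological(n)) }] }
end

if __FILE__ == $0
  backtracking_profile(10..18).each { |n, t| printf("n=%2d  %.4fs\n", n, t) }
  # The reporter's hanging input is rejected immediately by the linear check.
  p valid_percent_encoding?("199542328.1312293792.1.1.utmcsr%3Dgoogle%7Cutmccn%")
end
```

Both validators agree on every input; only their cost differs, so the safe one can replace the ambiguous one without changing which strings are accepted.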


Files

uri.patch (416 Bytes), regularfry (Alex Young), 08/03/2011 01:15 AM

Related issues

Has duplicate: Ruby master - Bug #5322: URI.decode_www_form_component very slow with certain inputs (Closed, 09/14/2011)
