Skip to content

Painless Safety: Regexes #49873

New issue
New issue
Closed
#63029
Closed
Painless Safety: Regexes#49873
#63029
Assignees
stu-elastic
Labels
:Core/Infra/ScriptingScripting abstractions, Painless, and MustacheTeam:Core/InfraMeta label for core/infra team
@stu-elastic

Description

@stu-elastic
stu-elastic
opened on Dec 5, 2019

The painless regex engine can have unbounded memory and/or CPU usage, leading to a cumbersome user settings to turn on/off. If regexes were safer, we could be safe when they are on and thus remove the setting.

We'll achieve this by setting a max number of characters to consider.

The setting can initially be global, but we can make it per context or even as a compiler setting/option. For the latter, we need to develop an api for passing the options.

Related: #30139

Metadata

Metadata

Assignees

Labels

:Core/Infra/ScriptingScripting abstractions, Painless, and MustacheTeam:Core/InfraMeta label for core/infra team

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions