Scripting: enable regular expressions by default (#63029)#63272
Merged
stu-elastic merged 2 commits intoelastic:7.xfrom Oct 5, 2020
Merged
Scripting: enable regular expressions by default (#63029)#63272stu-elastic merged 2 commits intoelastic:7.xfrom
stu-elastic merged 2 commits intoelastic:7.xfrom
Conversation
* Setting `script.painless.regex.enabled` has a new option, `use-factor`, the default. This defaults to using regular expressions but limiting the complexity of the regular expressions. In addition to `use-factor`, the setting can be `true`, as before, which enables regular expressions without limiting them. `false` totally disables regular expressions, which was the old default. * New setting `script.painless.regex.limit-factor`. This limits regular expression complexity by limiting the number characters a regular expression can consider based on input length. The default is `6`, so a regular expression can consider `6` * input length number of characters. With input `foobarbaz` (length `9`), for example, the regular expression can consider `54` (`6 * 9`) characters. This reduces the impact of exponential backtracking in Java's regular expression engine. * add `@inject_constant` annotation to whitelist. This annotation signals that a compiler settings will be injected at the beginning of a whitelisted method. The format is `argnum=settingname`: `1=foo_setting 2=bar_setting`. Argument numbers must start at one and must be sequential. * Augment `Pattern.split(CharSequence)` `Pattern.split(CharSequence, int)`, `Pattern.splitAsStream(CharSequence)` `Pattern.matcher(CharSequence)` to take the value of `script.painless.regex.limit-factor` as a an injected parameter, limiting as explained above when this setting is in use. Fixes: elastic#49873
Collaborator
|
Pinging @elastic/es-core-infra (:Core/Infra/Scripting) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Setting
script.painless.regex.enabledhas a new option,use-factor, the default. This defaults to using regularexpressions but limiting the complexity of the regular
expressions.
In addition to
use-factor, the setting can betrue, asbefore, which enables regular expressions without limiting them.
falsetotally disables regular expressions, which was theold default.
New setting
script.painless.regex.limit-factor. This limitsregular expression complexity by limiting the number characters
a regular expression can consider based on input length.
The default is
6, so a regular expression can consider6* input length number of characters. With inputfoobarbaz(length9), for example, the regular expressioncan consider
54(6 * 9) characters.This reduces the impact of exponential backtracking in Java's
regular expression engine.
add
@inject_constantannotation to whitelist.This annotation signals that a compiler settings will
be injected at the beginning of a whitelisted method.
The format is
argnum=settingname:1=foo_setting 2=bar_setting.Argument numbers must start at one and must be sequential.
Augment
Pattern.split(CharSequence)Pattern.split(CharSequence, int),Pattern.splitAsStream(CharSequence)Pattern.matcher(CharSequence)to take the value of
script.painless.regex.limit-factoras aan injected parameter, limiting as explained above when this
setting is in use.
Fixes: #49873
Backport of: 93f29a4