Regular expressions (regexes) are widely used in different fields of computer science such as programming languages, string processing and databases. However, existing tools for synthesizing or repairing regexes were not designed to be resilient to Regex Denial of Service (ReDoS) attacks. Specifically, if a regex has super-linear (SL) worst-case complexity, an attacker could provide carefully-crafted inputs to launch ReDoS attacks. Therefore, in this paper, we propose a programming-by-example framework, FlashRegex, for generating anti-ReDoS regexes by either synthesizing or repairing from given examples. It is the first framework that integrates regex synthesis and repair with awareness of ReDoS vulnerabilities. We present novel algorithms to deduce anti-ReDoS regexes by reducing the ambiguity of these regexes and by using Boolean Satisfiability (SAT) or Neighborhood Search (NS) techniques. We evaluate FlashRegex against five related state-of-the-art tools. The evaluation results show that our work can effectively and efficiently generate anti-ReDoS regexes from given examples, and also reveal that existing synthesis and repair tools have neglected the ReDoS vulnerabilities of regexes. Specifically, the existing synthesis and repair tools generated up to 394 ReDoS-vulnerable regexes, taking from a few seconds to more than one hour, while FlashRegex generated no SL regex within around five seconds. Furthermore, the evaluation results on ReDoS-vulnerable regex repair also show that FlashRegex has better capability than existing repair tools and even human experts, achieving 4 more ReDoS-invulnerable regexes after repair without trimming and resorting, highlighting the usefulness of FlashRegex in terms of generality, automation and user-friendliness.
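The abstract's two key notions, the ambiguity of a regex and its super-linear (SL) worst-case behaviour on a backtracking engine, can be made concrete with a small matcher. The program below is an added example, not code from the paper or from the FlashRegex tool: it parses a small regex subset (literals, `.`, groups, `|`, `*`, `+`), counts how many distinct ways a pattern can match an input (the ambiguity that FlashRegex reduces), and counts the work a naive backtracking engine spends before rejecting an input. The patterns `(a+)+` and its unambiguous equivalent `a+` are the textbook illustration chosen here, not the paper's benchmark regexes; the kind of check it performs is what a reviewer would run on a candidate regex before deploying it in front of untrusted input.

```python
"""Added example (not FlashRegex code): a tiny backtracking matcher that
measures what the abstract calls ambiguity and super-linear behaviour.
Supported regex subset: literals, '.', grouping '(...)', '|', '*', '+'.
A full (anchored) match is always required, as with '^...$'."""


def parse(pattern):
    """Parse the regex subset into a nested-tuple AST."""
    pos = 0

    def peek():
        return pattern[pos] if pos < len(pattern) else None

    def parse_alt():                      # alt := cat ('|' cat)*
        nonlocal pos
        node = parse_cat()
        while peek() == '|':
            pos += 1
            node = ('alt', node, parse_cat())
        return node

    def parse_cat():                      # cat := rep*
        node = ('empty',)
        while peek() is not None and peek() not in '|)':
            node = ('cat', node, parse_rep())
        return node

    def parse_rep():                      # rep := atom ('*' | '+')*
        nonlocal pos
        node = parse_atom()
        while peek() in ('*', '+'):
            node = ('star' if peek() == '*' else 'plus', node)
            pos += 1
        return node

    def parse_atom():                     # atom := char | '.' | '(' alt ')'
        nonlocal pos
        c = peek()
        if c is None or c in '|)*+':
            raise ValueError(f'unexpected {c!r} at offset {pos} in {pattern!r}')
        pos += 1
        if c != '(':
            return ('char', c)
        node = parse_alt()
        if peek() != ')':
            raise ValueError(f'missing ")" in {pattern!r}')
        pos += 1
        return node

    ast = parse_alt()
    if pos != len(pattern):
        raise ValueError(f'trailing characters in {pattern!r}')
    return ast


def analyze(pattern, text):
    """Return (accepting_paths, steps): how many distinct ways the pattern
    matches the whole text (its ambiguity on that text) and how many matcher
    calls a naive backtracking engine makes to establish that."""
    ast = parse(pattern)
    steps = 0

    def m(node, i, k):                    # continuation-passing matcher
        nonlocal steps
        steps += 1
        kind = node[0]
        if kind == 'empty':
            return k(i)
        if kind == 'char':
            if i < len(text) and (node[1] == '.' or text[i] == node[1]):
                return k(i + 1)
            return 0
        if kind == 'cat':
            return m(node[1], i, lambda j: m(node[2], j, k))
        if kind == 'alt':                 # no short-circuit: count every path
            return m(node[1], i, k) + m(node[2], i, k)
        if kind == 'star':                # one more non-empty repetition, or stop
            return m(node[1], i, lambda j: m(node, j, k) if j > i else 0) + k(i)
        if kind == 'plus':                # at least one repetition, then star
            return m(node[1], i, lambda j: m(('star', node[1]), j, k))
        raise ValueError(kind)

    paths = m(ast, 0, lambda i: 1 if i == len(text) else 0)
    return paths, steps


def steps_on_rejecting_input(pattern, n):
    """Work done on the classic rejecting input: n repeats of 'a' then 'b'."""
    return analyze(pattern, 'a' * n + 'b')[1]


if __name__ == '__main__':
    # '(a+)+' and 'a+' accept the same language; only the first is ambiguous.
    for pat in ('(a+)+', 'a+'):
        for n in (6, 10, 14):
            paths, _ = analyze(pat, 'a' * n)
            print(f'{pat:6} n={n:2}  accepting paths={paths:5}  '
                  f'steps on rejecting input={steps_on_rejecting_input(pat, n)}')
```

Running it shows the two faces of the same defect: on `a` repeated n times, `(a+)+` has 2^(n-1) accepting paths while `a+` has exactly one, and on the rejecting input the step count for `(a+)+` roughly doubles with each added character while `a+` grows linearly. Rewriting to the unambiguous form keeps the accepted language and removes the SL behaviour, which is the effect the paper's ambiguity-reduction algorithms aim for.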
Institute of Software, Chinese Academy of Sciences; University of Chinese Academy of Sciences
Department of Computer Science and Engineering, The Hong Kong University of Science and Technology
Wed 23 Sep, 09:10 - 10:10 (UTC, Coordinated Universal Time)

Just-In-Time Reactive Synthesis

FlashRegex: Deducing Anti-ReDoS Regexes from Examples
Yeting Li (Institute of Software, Chinese Academy of Sciences; University of Chinese Academy of Sciences); Zhiwu Xu (Shenzhen University); Jialun Cao (Department of Computer Science and Engineering, The Hong Kong University of Science and Technology); Haiming Chen (Institute of Software, Chinese Academy of Sciences); Tingjian Ge (University of Massachusetts, Lowell); Shing-Chi Cheung (Hong Kong University of Science and Technology, China); Haoren Zhao (Shaanxi Normal University, Xi'an, China)