zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-13 07:57:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

Prefer re2 over java.util.regex

Browse source 
Java's stock regex implementation doesn't guarantee linear time
complexity which makes it a security liability.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=121159875
This commit is contained in:
jart 2016-04-29 15:54:39 -07:00 committed by Justine Tunney
parent 3291eb8b70
commit 6082146d55
42 changed files with 64 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

1
java/google/registry/model/BUILD
View file

@ -89,6 +89,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
"//java/google/registry/util",

2
java/google/registry/model/registrar/Registrar.java
View file

@ -43,6 +43,7 @@ import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.ImmutableSortedSet;
import com.google.common.collect.Sets;
import com.google.re2j.Pattern;
import com.googlecode.objectify.Key;
import com.googlecode.objectify.Work;
@ -76,7 +77,6 @@ import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.regex.Pattern;
/** Information about a registrar. */
@Cache(expirationSeconds = RECOMMENDED_MEMCACHE_EXPIRATION)

1
java/google/registry/rdap/BUILD
View file

@ -23,6 +23,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
"//java/google/registry/model",

2
java/google/registry/rdap/RdapActionBase.java
View file

@ -29,6 +29,7 @@ import com.google.common.base.Optional;
import com.google.common.collect.ImmutableMap;
import com.google.common.net.InternetDomainName;
import com.google.common.net.MediaType;
import com.google.re2j.Pattern;
import com.googlecode.objectify.cmd.Query;
@ -47,7 +48,6 @@ import org.json.simple.JSONValue;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.regex.Pattern;
import javax.inject.Inject;

3
java/google/registry/rdap/RdapEntityAction.java
View file

@ -20,6 +20,7 @@ import static google.registry.request.Action.Method.HEAD;
import com.google.common.base.Optional;
import com.google.common.collect.ImmutableMap;
import com.google.re2j.Pattern;
import com.googlecode.objectify.Key;
@ -32,8 +33,6 @@ import google.registry.request.HttpException.BadRequestException;
import google.registry.request.HttpException.NotFoundException;
import google.registry.util.Clock;
import java.util.regex.Pattern;
import javax.inject.Inject;
/**

1
java/google/registry/rde/BUILD
View file

@ -28,6 +28,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
"//java/google/registry/gcs",

4
java/google/registry/rde/RdeUtil.java
View file

@ -18,6 +18,8 @@ import static google.registry.util.HexDumper.dumpHex;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.common.io.BaseEncoding;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import google.registry.xjc.rde.XjcRdeRrType;
import google.registry.xml.XmlException;
@ -30,8 +32,6 @@ import org.joda.time.format.ISODateTimeFormat;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** Helper methods for RDE. */
public final class RdeUtil {

6
java/google/registry/repositories.bzl
View file

@ -508,6 +508,12 @@ def domain_registry_repositories():
sha1 = "f7122f6ab1f64bdf9f5970b0e89bfb355e036897",
)
native.maven_jar(
name = "re2j",
artifact = "com.google.re2j:re2j:1.1",
sha1 = "d716952ab58aa4369ea15126505a36544d50a333",
)
native.maven_jar(
name = "servlet_api",
artifact = "org.apache.tomcat:servlet-api:6.0.20",

1
java/google/registry/tldconfig/idn/BUILD
View file

@ -17,6 +17,7 @@ java_library(
"//third_party/java/joda_time",
"//third_party/java/jsr305_annotations",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/util",
],

4
java/google/registry/tldconfig/idn/IdnTable.java
View file

@ -21,10 +21,10 @@ import com.google.common.base.Optional;
import com.google.common.collect.ImmutableRangeSet;
import com.google.common.collect.Range;
import com.google.common.collect.RangeSet;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import java.net.URI;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** An IDN table for a particular TLD. */
public final class IdnTable {

2
java/google/registry/tmch/BUILD
View file

@ -28,9 +28,9 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
"//java/google/registry/cron",
"//java/google/registry/keyring/api",
"//java/google/registry/model",
"//java/google/registry/request",

2
java/google/registry/tmch/LordnLog.java
View file

@ -20,6 +20,7 @@ import static com.google.common.base.Preconditions.checkNotNull;
import com.google.common.base.Splitter;
import com.google.common.collect.ImmutableMap;
import com.google.re2j.Pattern;
import org.joda.time.DateTime;
@ -27,7 +28,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;

4
java/google/registry/tools/AppEngineConnection.java
View file

@ -30,6 +30,8 @@ import com.google.common.collect.Iterables;
import com.google.common.io.CharStreams;
import com.google.common.net.HostAndPort;
import com.google.common.net.MediaType;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.Parameters;
@ -49,8 +51,6 @@ import java.net.URL;
import java.net.URLEncoder;
import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** An http connection to the appengine server. */
@Parameters(separators = " =")

1
java/google/registry/tools/BUILD
View file

@ -73,6 +73,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/appengine:appengine-remote-api",

4
java/google/registry/tools/CreateAuctionCreditsCommand.java
View file

@ -27,6 +27,8 @@ import com.google.common.base.Splitter;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableMultimap;
import com.google.common.collect.Iterables;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.Parameters;
@ -49,8 +51,6 @@ import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* Command for creating new auction credits based on a CSV file from Pool.

2
java/google/registry/tools/SetupOteCommand.java
View file

@ -20,6 +20,7 @@ import static google.registry.util.X509Utils.loadCertificate;
import com.google.common.base.Optional;
import com.google.common.collect.ImmutableList;
import com.google.re2j.Pattern;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.Parameters;
@ -36,7 +37,6 @@ import org.joda.time.Duration;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;
import javax.inject.Inject;

1
java/google/registry/tools/params/BUILD
View file

@ -19,6 +19,7 @@ java_library(
"//third_party/java/joda_money",
"//third_party/java/joda_time",
"//third_party/java/jsr305_annotations",
"//third_party/java/re2j",
"//java/google/registry/model",
"//java/google/registry/util",
],

3
java/google/registry/tools/params/PathParameter.java
View file

@ -17,13 +17,14 @@ package google.registry.tools.params;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
import com.google.re2j.Pattern;
import com.beust.jcommander.ParameterException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;
/** Filesystem path CLI parameter converter/validator. */
public class PathParameter extends ParameterConverterValidator<Path> {

2
java/google/registry/tools/params/PhoneNumberParameter.java
View file

@ -16,7 +16,7 @@ package google.registry.tools.params;
import static com.google.common.base.Preconditions.checkArgument;
import java.util.regex.Pattern;
import com.google.re2j.Pattern;
/** Phone number CLI parameter converter/validator. */
public final class PhoneNumberParameter extends ParameterConverterValidator<String> {

1
java/google/registry/ui/forms/BUILD
View file

@ -12,5 +12,6 @@ java_library(
"//java/com/google/common/base",
"//java/com/google/common/collect",
"//third_party/java/jsr305_annotations",
"//third_party/java/re2j",
],
)

2
java/google/registry/ui/forms/FormField.java
View file

@ -27,12 +27,12 @@ import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Range;
import com.google.re2j.Pattern;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.Detainted;
import javax.annotation.Nonnull;

3
java/google/registry/ui/forms/FormFields.java
View file

@ -21,8 +21,7 @@ import static java.util.Locale.getISOCountries;
import com.google.common.base.Function;
import com.google.common.collect.ImmutableSet;
import java.util.regex.Pattern;
import com.google.re2j.Pattern;
import javax.annotation.Nullable;

2
java/google/registry/ui/server/BUILD
View file

@ -17,7 +17,6 @@ java_library(
"//java/com/google/common/io",
"//java/com/google/common/net",
"//java/google/registry/model",
"//java/google/registry/security",
"//java/google/registry/ui",
"//java/google/registry/ui/forms",
"//java/google/registry/util",
@ -25,6 +24,7 @@ java_library(
"//third_party/java/joda_time",
"//third_party/java/json_simple",
"//third_party/java/jsr305_annotations",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//third_party/closure/templates",

4
java/google/registry/ui/server/RegistrarFormFields.java
View file

@ -23,6 +23,7 @@ import com.google.common.base.Function;
import com.google.common.base.Splitter;
import com.google.common.collect.ImmutableList;
import com.google.common.net.InternetDomainName;
import com.google.re2j.Pattern;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarAddress;
@ -37,7 +38,6 @@ import java.security.cert.CertificateParsingException;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
@ -45,7 +45,7 @@ import javax.annotation.Nullable;
public final class RegistrarFormFields {
public static final Pattern BASE64_PATTERN = Pattern.compile("[+/a-zA-Z0-9]*");
public static final Pattern ASCII_PATTERN = Pattern.compile("\\p{ASCII}*");
public static final Pattern ASCII_PATTERN = Pattern.compile("[[:ascii:]]*");
public static final String ASCII_ERROR = "Please only use ASCII-US characters.";
private static final Function<String, CidrAddressBlock> CIDR_TRANSFORM =

4
java/google/registry/ui/server/SoyTemplateUtils.java
View file

@ -25,6 +25,8 @@ import com.google.common.base.Splitter;
import com.google.common.base.Supplier;
import com.google.common.collect.ImmutableMap;
import com.google.common.io.Resources;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import com.google.template.soy.SoyFileSet;
import com.google.template.soy.SoyUtils;
import com.google.template.soy.base.SoySyntaxException;
@ -40,8 +42,6 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** Helper methods for rendering Soy templates from Java code. */
public final class SoyTemplateUtils {

1
java/google/registry/ui/server/registrar/BUILD
View file

@ -16,6 +16,7 @@ java_library(
"//java/com/google/common/collect",
"//java/com/google/common/io",
"//java/com/google/common/net",
"//third_party/java/re2j",
"//java/google/registry/braintree",
"//java/google/registry/config",
"//java/google/registry/export/sheet",

2
java/google/registry/ui/server/registrar/RegistrarPaymentAction.java
View file

@ -23,6 +23,7 @@ import static java.util.Arrays.asList;
import com.google.common.base.Function;
import com.google.common.collect.ImmutableMap;
import com.google.re2j.Pattern;
import com.braintreegateway.BraintreeGateway;
import com.braintreegateway.Result;
@ -49,7 +50,6 @@ import java.math.BigDecimal;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Pattern;
import javax.inject.Inject;

1
java/google/registry/util/BUILD
View file

@ -28,6 +28,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/jsr330_inject",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
],

4
java/google/registry/util/SqlTemplate.java
View file

@ -22,11 +22,11 @@ import static google.registry.util.PreconditionsUtils.checkArgumentNotNull;
import com.google.common.base.CharMatcher;
import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableMap;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.concurrent.Immutable;

1
java/google/registry/xml/BUILD
View file

@ -20,5 +20,6 @@ java_library(
"//java/com/google/common/io",
"//third_party/java/joda_time",
"//third_party/java/jsr305_annotations",
"//third_party/java/re2j",
],
)

3
java/google/registry/xml/XmlFragmentMarshaller.java
View file

@ -18,8 +18,9 @@ import static com.google.common.base.Throwables.propagateIfInstanceOf;
import static com.google.common.base.Verify.verify;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.re2j.Pattern;
import java.io.ByteArrayOutputStream;
import java.util.regex.Pattern;
import javax.annotation.concurrent.NotThreadSafe;
import javax.xml.bind.JAXBContext;

1
javatests/google/registry/flows/BUILD
View file

@ -37,6 +37,7 @@ java_library(
"//third_party/java/junit",
"//third_party/java/mockito",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//third_party/java/truth",
"//java/google/registry/config",

5
javatests/google/registry/flows/EppTlsServletTest.java
View file

@ -19,6 +19,8 @@ import static java.nio.charset.StandardCharsets.UTF_8;
import static org.mockito.Mockito.when;
import com.google.common.collect.ImmutableMap;
import com.google.re2j.Matcher;
import com.google.re2j.Pattern;
import google.registry.model.registrar.Registrar;
import google.registry.testing.AppEngineRule;
@ -31,9 +33,6 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.runners.MockitoJUnitRunner;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** Test setup for EppServletTest subclasses. */
@RunWith(MockitoJUnitRunner.class)
public class EppTlsServletTest extends EppServletXmlLoginTestCase<EppTlsServlet> {

1
javatests/google/registry/tools/BUILD
View file

@ -32,6 +32,7 @@ java_library(
"//third_party/java/junit",
"//third_party/java/mockito",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/truth",
"//java/google/registry/config",
"//java/google/registry/flows",

5
javatests/google/registry/tools/CommandTestCase.java
View file

@ -44,7 +44,6 @@ import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.util.List;
import java.util.regex.Pattern;
/**
* Base class for all command tests.
@ -154,10 +153,6 @@ public abstract class CommandTestCase<C extends Command> {
assertThat(stdout.toString(UTF_8.toString())).contains(expected);
}
void assertInStdout(Pattern expected) throws Exception {
assertThat(stdout.toString(UTF_8.toString())).containsMatch(expected);
}
void assertNotInStdout(String expected) throws Exception {
assertThat(stdout.toString(UTF_8.toString())).doesNotContain(expected);
}

1
javatests/google/registry/tools/server/BUILD
View file

@ -23,6 +23,7 @@ java_library(
"//third_party/java/junit",
"//third_party/java/mockito",
"//third_party/java/objectify:objectify-v4_1",
"//third_party/java/re2j",
"//third_party/java/servlet/servlet_api",
"//third_party/java/truth",
"//java/google/registry/groups",

1
javatests/google/registry/ui/forms/BUILD
View file

@ -18,6 +18,7 @@ java_library(
"//third_party/java/hamcrest",
"//third_party/java/junit",
"//third_party/java/mockito",
"//third_party/java/re2j",
"//third_party/java/truth",
"//java/google/registry/ui/forms",
],

2
javatests/google/registry/ui/forms/FormFieldTest.java
View file

@ -30,6 +30,7 @@ import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import com.google.common.collect.Range;
import com.google.common.testing.NullPointerTester;
import com.google.re2j.Pattern;
import org.junit.Rule;
import org.junit.Test;
@ -40,7 +41,6 @@ import org.junit.runners.JUnit4;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
/** Unit tests for {@link FormField}. */
@RunWith(JUnit4.class)

1
javatests/google/registry/util/BUILD
View file

@ -23,6 +23,7 @@ java_library(
"//third_party/java/jsr305_annotations",
"//third_party/java/junit",
"//third_party/java/mockito",
"//third_party/java/re2j",
"//third_party/java/truth",
"//java/google/registry/util",
"//javatests/google/registry/testing",

1
javatests/google/registry/xjc/BUILD
View file

@ -16,6 +16,7 @@ java_library(
"//third_party/java/hamcrest",
"//third_party/java/jsr305_annotations",
"//third_party/java/junit",
"//third_party/java/re2j",
"//third_party/java/truth",
"//java/google/registry/util",
"//java/google/registry/xjc",

3
javatests/google/registry/xjc/XjcObjectTest.java
View file

@ -21,6 +21,8 @@ import static google.registry.xjc.XjcXmlTransformer.unmarshal;
import static java.nio.charset.StandardCharsets.UTF_16;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.re2j.Pattern;
import google.registry.testing.ExceptionRule;
import google.registry.xjc.rde.XjcRdeDeposit;
import google.registry.xjc.rde.XjcRdeDepositTypeType;
@ -33,7 +35,6 @@ import org.junit.runners.JUnit4;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.util.regex.Pattern;
/** Unit tests for {@code XjcObject}. */
@RunWith(JUnit4.class)

8
third_party/java/re2j/BUILD vendored Normal file
View file

@ -0,0 +1,8 @@
package(default_visibility = ["//visibility:public"])
licenses(["notice"]) # BSD
java_library(
name = "re2j",
exports = ["@re2j//jar"],
)