Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 21 Jul 2022 18:08:19 +1200
From: Mike Beattie <mike@...ernal.org>
To: musl@...ts.openwall.com
Subject: Bug: BOL/EOL anchors in regex capture groups won't match EOL

FRRouting uses musl-libc in its docker container build, and it also appears
to be in use in the GNS3 appliances for frr available online.

BGP as-path matching is regex powered, and usage of a special token of '_'
allows for the easy matching of the boundary of an ASN in an as-path.
Internally, it's translated into the regex capture group of:

   (^|[,{}() ]|$)

A valid as-path is a sequence of integers such as:

   100 200 300

A BGP as-path filter might be specified as so:

   bgp as-path access-list foo seq 20 permit _300_

which would get expanded to:

   (^|[,{}() ]|$)300(^|[,{}() ]|$)

when checking for a match. The usage of the pattern "(^|$)" in musl's regex
implementation will never match EOL, but it does match BOL. Removal of the
circumflex will let the match succeed.

Here is the output of a test programs I've written to confirm this:

   $ musl-gcc -o r r.c

   $ ./r "_300_" "100 200 300"
   regex: (^|[,{}() ]|$)300(^|[,{}() ]|$)
   regexec on [100 200 300]: NOT Found

Removal of "^|" from the beginning of the trailing capture group:

   $ ./r "(^|[,{}() ]|$)300([,{}() ]|$)" "0000 1111 2222"
   regex: (^|[,{}() ]|$)300([,{}() ]|$)
   regexec on [100 200 300]: Found

Thanks,
Mike.
-- 
Mike Beattie <mike@...ernal.org>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.