vivek807 opened a new pull request, #19514:
URL: https://github.com/apache/druid/pull/19514

   
   Fixes #19513.
   
   ### Description
   
   Add Google RE2/J linear-time regular expression as an alternative to Java regex
   
   ```properties
   druid.regex.engine=JAVA
   ```
   
   Supported values:
   
   | Value    | Description                                                              |
   |----------|--------------------------------------------------------------------------|
   | `JAVA`   | Uses Java's built-in `java.util.regex.Pattern` engine.                   |
   | `RE2J`   | Uses `Google's RE2/J` regex engine with linear-time matching guarantees. |
   
   Default value:
   
   ```properties
   druid.regex.engine=JAVA
   ```
   
   ### RE2/J engine
   
   Setting:
   
   ```properties
   druid.regex.engine=RE2J
   ```
   
   enables the RE2/J regex engine for ingestion task `regex` input formats.
   
   RE2/J helps protect against catastrophic backtracking and Regular Expression Denial of Service (ReDoS) attacks by guaranteeing linear-time regex evaluation.
   
   ### Compatibility differences
   
   RE2/J does not support all Java regex features.
   
   Unsupported or partially supported features include:
   - backreferences
   - lookbehind assertions
   - some advanced backtracking behavior
   
   Patterns using unsupported constructs will fail during regex compilation.
   
   ### Example of catastrophic backtracking
   
   The following Java regex may cause catastrophic backtracking:
   
   ```regex
   ^(.*a){20}$
   ```
   
   against input such as:
   
   ```text
   aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaX
   ```
   
   Using `RE2J` avoids this issue.
   
   ### Performance considerations
   
   - `JAVA` may support more advanced regex syntax and behavior.
   - `RE2J` provides safer and more predictable runtime characteristics.
   - For trusted internal ingestion specs, `JAVA` may be preferred for compatibility.
   - For externally supplied regex patterns, `RE2J` is recommended.
   
   This PR has:
   
   - [X] been self-reviewed.
      - [ ] using the [concurrency checklist](https://github.com/apache/druid/blob/master/dev/code-review/concurrency.md) (Remove this item if the PR doesn't have any relation to concurrency.)
   - [ ] added documentation for new or modified features or behaviors.
   - [ ] a release note entry in the PR description.
   - [ ] added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
   - [ ] added or updated version, license, or notice information in [licenses.yaml](https://github.com/apache/druid/blob/master/dev/license.md)
   - [ ] added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
   - [X] added unit tests or modified existing tests to cover new code paths, ensuring the threshold for [code coverage](https://github.com/apache/druid/blob/master/dev/code-review/code-coverage.md) is met.
   - [ ] added integration tests.
   - [X] been tested in a test Druid cluster.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
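
The compatibility differences and the backtracking case described in the pull request can be checked before switching `druid.regex.engine`. The following is an added example, not code from the pull request or from Druid; it assumes the `com.google.re2j` library is on the classpath, and the class name `RegexEngineCheck`, the `Deadline` wrapper, the two extra sample patterns and the 2-second budget are hypothetical choices made for illustration.

```java
import java.util.concurrent.TimeUnit;

public class RegexEngineCheck {
  // Constructed samples: the first pattern is the one from the PR description; the
  // others use constructs it lists as unsupported (backreference, lookbehind).
  static final String[] PATTERNS = {"^(.*a){20}$", "(\\w+) \\1", "(?<=id=)\\d+"};

  /** Returns null if RE2/J compiles the pattern, otherwise the compile error text. */
  static String re2jCompileError(String regex) {
    try {
      com.google.re2j.Pattern.compile(regex);
      return null;
    } catch (com.google.re2j.PatternSyntaxException e) {
      return e.getMessage();
    }
  }

  /** java.util.regex has no timeout; this wrapper aborts a match once the deadline passes. */
  static final class Deadline implements CharSequence {
    private final CharSequence s;
    private final long endNanos;
    Deadline(CharSequence s, long endNanos) { this.s = s; this.endNanos = endNanos; }
    @Override public char charAt(int i) {
      if (System.nanoTime() - endNanos > 0) throw new IllegalStateException("time budget exceeded");
      return s.charAt(i);
    }
    @Override public int length() { return s.length(); }
    @Override public CharSequence subSequence(int a, int b) { return new Deadline(s.subSequence(a, b), endNanos); }
    @Override public String toString() { return s.toString(); }
  }

  public static void main(String[] args) {
    // Compatibility: patterns RE2/J rejects fail here, at compile time.
    for (String p : PATTERNS) {
      String err = re2jCompileError(p);
      System.out.println(p + " -> RE2J " + (err == null ? "compiles" : "rejects: " + err));
    }
    String regex = PATTERNS[0];
    String input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaX"; // input from the PR description
    long t0 = System.nanoTime();
    boolean re2 = com.google.re2j.Pattern.compile(regex).matcher(input).matches();
    System.out.printf("RE2J: matches=%b in %d ms%n", re2, (System.nanoTime() - t0) / 1_000_000);
    long end = System.nanoTime() + TimeUnit.SECONDS.toNanos(2); // arbitrary budget
    try { // the backtracking engine may exhaust the budget on this input
      boolean jdk = java.util.regex.Pattern.compile(regex).matcher(new Deadline(input, end)).matches();
      System.out.println("JAVA: matches=" + jdk);
    } catch (IllegalStateException e) {
      System.out.println("JAVA: aborted, " + e.getMessage());
    }
  }
}
```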
