There is no regex to handle this, because the format of the logline itself is valid, it will be treated like a good one. Only the logic part is wrong, but this cannot be handled by a regex.
> The matter is that with proper regex and such, one can make a log > parsing program that will not run into this issue. Now, I do not know > of the exact ways to go about this, but many other programs parse > similar logs with complete success. > > On Thu, May 8, 2008 at 11:58 AM, Ronny Schedel <[EMAIL PROTECTED]> > wrote: >> Little mistake, you have to rename to: >> >> player2<2><STEAM_0:0:2222><Red>") (position1 "2 2 2") (player2 "player1 >> >>> No, the quotes allow an user to break out the quotes, like with SQL >>> injection. You can produce valid loglines, but wrong one. An example: >>> >>> A valid logline, without date and stuff: >>> >>> Team "Blue" triggered "pointcaptured" (cp "2") (cpname "a") (numcappers >>> "1") >>> (player1 "player1<1><STEAM_0:0:1111><Blue>") (position1 "1 1 1") >>> >>> Now, let's break out the quotes. Rename to: >>> >>> player2<2><STEAM_0:0:2222><Red>") (position1 "2 2 2") ( player2 " >>> >>> Now the logline looks like: >>> >>> Team "Blue" triggered "pointcaptured" (cp "2") (cpname "a") (numcappers >>> "1") >>> (player1 " >>> player2<2><STEAM_0:0:2222><Red>") (position1 "2 2 2") ( player2 " >>> player1<1><STEAM_0:0:1111><Blue>") (position1 "1 1 1") >>> >>> >>> The line itself is valid, except the logical part: we have 1 numcappers, >>> but >>> 2 players in the line and a player from the Red team was able to capture >>> the >>> point. This case is not possible to track down by a program, because the >>> logline format is valid, only the logic part is wrong. >>> >>> Breaking out the quotes is a common hack for SQL injection and a big >>> security problem. It should be handled here like the same. >>> >>> This is only an example, I did not tried it out, I want to show only >>> what >>> happens if you allow every character. There are better examples to fuck >>> up >>> the logs, I am sure. >>> >>> Currently we have to kick all people with invalid characters in the >>> name, >>> there is no other solution yet. >>> >>> Best regards >>> >>> Ronny >>> >>> >>>>A proper log parses will parse these log messages regardless of what >>>> characters are in the name, with the possible exception of linefeeds. >>>> >>>> Not that valve shouldn't consider putting in restrictions, but log >>>> parsers also bear a responsibility to consider all possibilities. >>>> >>>> - Neph >>>> >>>> On Thu, May 8, 2008 at 10:42 AM, Ronny Schedel <[EMAIL PROTECTED]> >>>> wrote: >>>>> The problem is not the stats program. Valve must fix the log entries >>>>> and >>>>> does not allow any character. You have also problems if Valve would >>>>> allow >>>>> < >>>>> and > in the names. >>>>> >>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>> >>> >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
