How We Eliminated Regular Expression Denial of Service and How You Can Too

Written by conradirwin | Published 2020/02/18
Tech Story Tags: regular-expressions | superhuman | open-source | developer-tools | software-development | javascript | regex | hackernoon-top-story

TLDR At Superhuman, we make the fastest email experience in the world. We use regular expressions to process massive amounts of text very rapidly. When regular expressions go wrong, they go devastatingly wrong. Superhuman has accidentally become vulnerable to regular expression denial of service (ReDoS) The problem started after we changed our regular expression to:/("[^"]*"|[^@]*@[#]#) Superhuman is using 100% CPU and not responding…”via the TL;DR App
no story
Written by conradirwin | Co-Founder & CTO of Superhuman. Programmer, Blogger, Speaker, Dancer.
Published by HackerNoon on 2020/02/18
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy