Regular expressions are widely used to match strings of text. For example, the POSIX {{grep}} utility supports regular expressions for finding patterns in the specified text. For introductory information on regular expressions, see the Java Tutorials [Tutorials 08]. The {{java.util.regex}} package provides the {{Pattern}} class, which encapsulates a compiled representation of a regular expression, and the {{Matcher}} class, which is an engine that uses a {{Pattern}} to perform matching operations on a {{CharSequence}}.
Java's powerful regular expression (regex) facilities must be protected from misuse. An attacker may supply a malicious input that modifies the original regular expression in such a way that the regex fails to comply with the program's specification. This attack vector, called a regex injection, might affect control flow, cause information leaks, or result in denial-of-service (DoS) vulnerabilities.
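The following added example (not part of the original page) shows how untrusted text concatenated into a pattern changes what the pattern matches, next to a version that uses {{Pattern.quote()}} to treat the text literally. The class name, the log lines, and both search strings are constructed for illustration.

```java
import java.util.List;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

public class RegexInjectionDemo {
    // Constructed sample log: only "public" entries may be shown to the user.
    static final List<String> LOG = List.of(
        "10:47:03 private[423] Successful logout name: usr1",
        "10:47:04 public[48964] Failed to resolve network service",
        "10:47:05 public[1] (public.message[49367]) Exited with exit code: 255",
        "10:48:00 private[423] Failed login name: usr2");

    // Weak form: the untrusted text is concatenated into the expression, so
    // any metacharacters in it become part of the pattern itself.
    static List<String> searchUnsafe(String userInput) {
        Pattern p = Pattern.compile("public\\[\\d+\\] .*" + userInput);
        return filter(p);
    }

    // Hardened form: Pattern.quote() wraps the text in \Q...\E, so every
    // character is matched literally and cannot alter the expression.
    static List<String> searchSafe(String userInput) {
        Pattern p = Pattern.compile("public\\[\\d+\\] .*" + Pattern.quote(userInput));
        return filter(p);
    }

    private static List<String> filter(Pattern p) {
        return LOG.stream()
                  .filter(line -> p.matcher(line).find())
                  .collect(Collectors.toList());
    }

    public static void main(String[] args) {
        String benign = "exit code";      // ordinary search text
        String hostile = "zzz|private";   // constructed text containing alternation

        // Both forms agree on ordinary text.
        System.out.println("benign/unsafe:  " + searchUnsafe(benign));
        System.out.println("benign/safe:    " + searchSafe(benign));

        // The '|' splits the unsafe pattern into two alternatives, so the
        // "public" prefix no longer constrains the second one.
        System.out.println("hostile/unsafe: " + searchUnsafe(hostile));
        System.out.println("hostile/safe:   " + searchSafe(hostile));
    }
}
```

Quoting also keeps quantifiers and groups in the input from reaching the regex engine, which addresses the denial-of-service concern as well as the information leak.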
...
Bibliography
...
http://java.sun.com/docs/books/tutorial/essential/regex/index.html
[CVE 05] CVE-2005-1949, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1949
...