Oddity in regex

Alan DeKok aland at deployingradius.com
Mon Sep 1 15:15:00 CEST 2014


Arran Cudbard-Bell wrote:
> The string used the the value comparisons is a verbatim copy of the buffer of the attribute used in the regex.

  This will be noted in the next release...

> Not currently possible to do this for xlat, as the code isn't \0 safe.

  Yeah, that code is ancient.  It really needs to be moved to something
else... like the new template functionality.  i.e. the xlat's should
really return a template.  But that's getting into implementation details.

> Need to audit paircmp_value and paircmp_op for \0 safety, but as you're probably not matching on binary data, it won't matter.

  According to the RFCs, strings SHOULD NOT have embedded zeros in them.
 But who reads the RFCs?

> Means you don't have to do contorted escaping. Just assume the raw value will get passed unmolested to the regex functions.

  Which is much easier, and less confusing than the previous behavior.

  But it *is* a change of behavior.  And people will need to be aware of it.

  Alan DeKok.


More information about the Freeradius-Users mailing list