From 39e67ae808804b71fce17f00086bf76a7ef6189f Mon Sep 17 00:00:00 2001
From: Peter Nied
Date: Mon, 30 Sep 2024 17:27:39 +0000
Subject: [PATCH] Optimize the regex parser for InvalidResponse

Rather than using a backtracking pattern which could have performance impact, switch to using explict character ranges which work for json path seperated with periods. Mitigates sonar lint rule java:S5852 [1] - [1] https://rules.sonarsource.com/java/RSPEC-5852/?search=Using%20slow%20regular%20expressions%20is%20security-sensitive
Signed-off-by: Peter Nied
---
 .../opensearch/migrations/bulkload/common/InvalidResponse.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/RFS/src/main/java/org/opensearch/migrations/bulkload/common/InvalidResponse.java b/RFS/src/main/java/org/opensearch/migrations/bulkload/common/InvalidResponse.java
index 33973afd4..2205a99c5 100644
--- a/RFS/src/main/java/org/opensearch/migrations/bulkload/common/InvalidResponse.java
+++ b/RFS/src/main/java/org/opensearch/migrations/bulkload/common/InvalidResponse.java
@@ -17,7 +17,7 @@
 @Slf4j
 public class InvalidResponse extends RfsException {
- private static final Pattern UNKNOWN_SETTING = Pattern.compile("unknown setting \\[(.+?)\\].+");
+ private static final Pattern UNKNOWN_SETTING = Pattern.compile("unknown setting \\[([a-zA-Z0-9_.-]+)\\].+");
 private static final ObjectMapper objectMapper = new ObjectMapper();
 private final transient HttpResponse response;
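Review bot: The allow-list class `[a-zA-Z0-9_.-]+` in `UNKNOWN_SETTING` stops matching any setting name that contains a character outside it, so a response naming such a setting would no longer be recognised by whatever code consumes this pattern. That call site is outside the hunk, so the no-match path should be confirmed to fail loudly rather than silently. A negated class keeps the match linear without restricting names: `Pattern.compile("unknown setting \\[([^\\]]+)\\].+")`. Whichever form is kept, a comment above the constant such as `// Bounded character class instead of a lazy .+? to avoid regex backtracking (java:S5852)` would keep a later edit from reintroducing the lazy quantifier. The body of `InvalidResponse` continues past the end of the hunk.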