Re: [rules-users] Drools 5.4 DSLR Stack Overflow

The Pattern comments in org.drools.lang.dsl.DefaultExpander (defined in line 63) is vulnerable when used against strings containing '/*' followed by multiple repetitions of '*' alternating with other characters before being terminated with '*/'. The pattern "(?:/\\*(?:[^*]|(?:\\*+[^*/]))*\\*+/)" isn't "best practice", but it shouldn't cause a stack overflow. The much simpler pattern "/\\*.*?\\*/" would serve the same purpose while not causing a stack overflow. Tested with javac 1.6.0_23 -W On 09/07/2012, gboro54 <gboro54@> wrote: > Even after updating to 1.6.0_31 we still get the following: > > Caused by: java.lang.StackOverflowError > at java.util.regex.Pattern$GroupTail.match(Pattern.java:4227) > [rt.jar:1.6.0_31] _______________________________________________ rules-users mailing list rules-users@.jboss https://lists.jboss.org/mailman/listinfo/rules-users