pith. sign in

arxiv: 1405.7058 · v2 · pith:KCDJBVEJnew · submitted 2014-05-27 · 💻 cs.PL · cs.LO

Static Analysis for Regular Expression Exponential Runtime via Substructural Logics (Extended)

Asiri Rathnayake , Hayo Thielecke This is my paper
classification 💻 cs.PL cs.LO
keywords analysisexponentialexpressionregularruntimeredosstaticsubstructural
0
0 comments X
read the original abstract

Regular expression matching using backtracking can have exponential runtime, leading to an algorithmic complexity attack known as REDoS in the systems security literature. In this paper, we build on a recently published static analysis that detects whether a given regular expression can have exponential runtime for some inputs. We systematically construct a more accurate analysis by forming powers and products of transition relations and thereby reducing the REDoS problem to reachability. The correctness of the analysis is proved using a substructural calculus of search trees, where the branching of the tree causing exponential blowup is characterized as a form of non-linearity.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. PUFFERDOS: Efficient and Effective Attack String Generation for Regular Expression Denial of Service Vulnerabilities

    cs.CR 2026-06 unverdicted novelty 5.0

    PUFFERDOS synthesizes feasible, program-validated attack strings for ReDoS by defining three vulnerable patterns and applying ReDoS-specific compositional concolic execution.