-3

I use a regex to validate number formats.

[-+]?([0-90-9]+((\,([0-90-9]{2,}))*\,([0-90-9]{3}))*)?(\.[0-90-9]*)? 

When I handled a large number of inputs for certain inputs it seems to loop infinitely .I read other answers regarding catastrophic backtracking . But I am a regex newbie and need some help. can you please provide any input that can make this regex catastrophically backtrack . Would be helpful for me to understand .Thanks .It can be a very long input too . I am using Java Pattern and matcher objects.

VLAZ
  • 26,331
  • 9
  • 49
  • 67
Sainath S.R
  • 3,074
  • 9
  • 41
  • 72

2 Answers2

1

Yes, this regex is prone to catastrophic backtracking. Specifically, this segment:

((\,([0-9]{2,}))*\,([0-9]{3}))*

For reference, this has a structure of the form

((,d)*,d)*

which, simplified, is essentially (d+)*.

Strings like

1,111,111,111,111,111,111,111,111,111,111,111,111,111,11.

will therefore cause catastrophic backtracking.

Aran-Fey
  • 39,665
  • 11
  • 104
  • 149
0

To validate your input string use this one:

^[-+]?(\d+((\,(\d{2,}))*\,(\d{3}))*)?(\.\d*)?$

As I've wrote in comments:

all of your capturing groups are optional , where using ? or * and if you want to validate input, add ^...$ wrapper

Have a look at right side bar of https://regex101.com/r/eM7OFj/1 titled by MATCH INFORMATION

MohaMad
  • 2,575
  • 2
  • 14
  • 26