Uploaded image for project: 'Rules Repository'
  1. Rules Repository
  2. RSPEC-5857

Character classes should be preferred over reluctant quantifiers in regular expressions

    XMLWordPrintable

    Details

    • Type: Code Smell Detection
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Message:
      Replace this use of a reluctant quantifier with $CHARACTER_CLASS
    • Highlighting:
      Hide

      The reluctantly quantified subpattern

      Show
      The reluctantly quantified subpattern
    • Default Severity:
      Minor
    • Impact:
      Low
    • Likelihood:
      Low
    • Default Quality Profiles:
      Sonar way
    • Covered Languages:
      Java
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      3min
    • Analysis Scope:
      Main Sources, Test Sources

      Description

      Using reluctant quantifiers (also known as lazy or non-greedy quantifiers) in patterns can often lead to needless backtracking, making the regex needlessly inefficient and potentially vulnerable to catastrophic backtracking. Particularly when using .*? or .? to match anything up to some terminating character, it is usually a better idea to instead use a greedily or possessively quantified negated character class containing the terminating character. For example <.?> should be replaced with <[^>]++>.

      Noncompliant Code Example

      <.+?>
      ".*?"
      

      Compliant Solution

      <[^>]++>
      "[^"]*+"
      

      or

      <[^>]+>
      "[^"]*"
      

      Exceptions

      This rule only applies in cases where the reluctant quantifier can easily be replaced with a negated character class. That means the repetition has to be terminated by a single character or character class. Patterns such as the following, where the alternatives without reluctant quantifiers are more complicated, are therefore not subject to this rule:

      <!--.*?-->
      /\*.*?\*/
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              sebastian.hungerecker Sebastian Hungerecker
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: